CVE-2020-3929 - OpenCVE

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Usavisionsys	Geovision Gv-as810 Geovision Gv-gf192x Firmware Geovision Gv-as410 Firmware Geovision Gv-as1010 Firmware Geovision Gv-gf192x Geovision Gv-as210 Geovision Gv-as1010 Geovision Gv-as210 Firmware Geovision Gv-as810 Firmware Geovision Gv-as410

Configuration 1 [-]

AND

cpe:2.3:o:usavisionsys:geovision_gv-as210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:usavisionsys:geovision_gv-as210:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:usavisionsys:geovision_gv-as410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:usavisionsys:geovision_gv-as410:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:usavisionsys:geovision_gv-as810_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:usavisionsys:geovision_gv-as810:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:usavisionsys:geovision_gv-as1010_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:usavisionsys:geovision_gv-as1010:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:usavisionsys:geovision_gv-gf192x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:usavisionsys:geovision_gv-gf192x:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: twcert

Published: 2020-06-12T00:00:00

Updated: 2020-06-12T08:25:23

Reserved: 2019-12-20T00:00:00

Link: CVE-2020-3929

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-12T09:15:10.380

Modified: 2020-06-18T00:50:51.093

Link: CVE-2020-3929

JSON object: View

Redhat Information

No data.

CWE

CWE-326

{"containers": {"cna": {"affected": [{"product": "Door Access Control Device", "vendor": "GeoVision", "versions": [{"lessThanOrEqual": "2.21", "status": "affected", "version": "GV-AS210", "versionType": "custom"}, {"lessThanOrEqual": "2.21", "status": "affected", "version": "GV-AS410", "versionType": "custom"}, {"lessThanOrEqual": "2.21", "status": "affected", "version": "GV-AS810", "versionType": "custom"}, {"lessThanOrEqual": "1.10", "status": "affected", "version": "GV-GF192x", "versionType": "custom"}, {"lessThanOrEqual": "1.32", "status": "affected", "version": "GV-AS1010", "versionType": "custom"}]}], "datePublic": "2020-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Shared cryptographic keys", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-12T08:25:23", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html"}], "solutions": [{"lang": "en", "value": "Update to version 2.22 in GV-AS210\nUpdate to version 2.22 in GV-AS410\nUpdate to version 2.22 in GV-AS810\nUpdate to version 1.22 in GV-GF192x\nUpdate to version 1.33 in GV-AS1010"}], "source": {"discovery": "UNKNOWN"}, "title": "GeoVision Door Access Control Device - Shared cryptographic keys", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2020-06-12T08:00:00.000Z", "ID": "CVE-2020-3929", "STATE": "PUBLIC", "TITLE": "GeoVision Door Access Control Device - Shared cryptographic keys"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Door Access Control Device", "version": {"version_data": [{"version_affected": "<=", "version_name": "GV-AS210", "version_value": "2.21"}, {"version_affected": "<=", "version_name": "GV-AS410", "version_value": "2.21"}, {"version_affected": "<=", "version_name": "GV-AS810", "version_value": "2.21"}, {"version_affected": "<=", "version_name": "GV-GF192x", "version_value": "1.10"}, {"version_affected": "<=", "version_name": "GV-AS1010", "version_value": "1.32"}]}}]}, "vendor_name": "GeoVision"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Shared cryptographic keys"}]}]}, "references": {"reference_data": [{"name": "https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html"}]}, "solution": [{"lang": "en", "value": "Update to version 2.22 in GV-AS210\nUpdate to version 2.22 in GV-AS410\nUpdate to version 2.22 in GV-AS810\nUpdate to version 1.22 in GV-GF192x\nUpdate to version 1.33 in GV-AS1010"}], "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2020-3929", "datePublished": "2020-06-12T00:00:00", "dateReserved": "2019-12-20T00:00:00", "dateUpdated": "2020-06-12T08:25:23", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:usavisionsys:geovision_gv-as210_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2480CC4C-F807-45F1-81EA-B285AF76F4B5", "versionEndExcluding": "2.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:usavisionsys:geovision_gv-as210:-:*:*:*:*:*:*:*", "matchCriteriaId": "769CD421-6EAB-405A-AE7B-9792A0AA6505", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:usavisionsys:geovision_gv-as410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE2ED4E6-EF78-4316-BC93-DA9612353C05", "versionEndExcluding": "2.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:usavisionsys:geovision_gv-as410:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B1FD8AD-82E4-43E7-87BE-5EBD5FC3F7FC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:usavisionsys:geovision_gv-as810_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C6FDC61-7A54-465D-86D1-D6A77A06DF41", "versionEndExcluding": "2.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:usavisionsys:geovision_gv-as810:-:*:*:*:*:*:*:*", "matchCriteriaId": "FBF997D8-2BD1-4D02-94E3-AC127F5793DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:usavisionsys:geovision_gv-as1010_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55ED99A6-AB97-4FBA-884C-2C341AD61DDF", "versionEndExcluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:usavisionsys:geovision_gv-as1010:-:*:*:*:*:*:*:*", "matchCriteriaId": "86F92B38-DE28-4D9F-B3C4-A7E383619E24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:usavisionsys:geovision_gv-gf192x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED3D5C9C-C65D-4E3B-B4E9-BA6A4AAA8256", "versionEndExcluding": "1.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:usavisionsys:geovision_gv-gf192x:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A6C15EC-B6F9-4EE1-89D0-3B2D1A8DB803", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages."}, {"lang": "es", "value": "La familia de dispositivos GeoVision Door Access Control emplea claves privadas criptogr\u00e1ficas compartidas para SSH y HTTPS. Los atacantes pueden conducir ataques MITM con las claves derivadas y recuperan texto plano de mensajes cifrados"}], "id": "CVE-2020-3929", "lastModified": "2020-06-18T00:50:51.093", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2020-06-12T09:15:10.380", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-3696-6601c-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}]}