CVE-2021-3791 - OpenCVE

An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Binatoneglobal	Comfort 85 Connect Mbp4855 Cn75 Cn28 Cn28 Firmware Lux 85 Connect Ease44 Lux 85 Connect Firmware Comfort 85 Connect Firmware Comfort 50 Connect Firmware Connect View 65 Halo\+ Camera Comfort 50 Connect Cn40 Firmware Cn50 Firmware Mbp669 Connect Mbp6855 Firmware Lux 65 Firmware Comfort 40 Lux 64 Firmware Cn40 Cn50 Comfort 40 Firmware Mbp3667 Firmware Focus 68 Firmware Mbp669 Connect Firmware Focus 72r Connect 20 Firmware Lux 64 Mbp3855 Mbp3855 Firmware Mbp3667 Ease44 Firmware Connect View 65 Firmware Mbp4855 Firmware Cn75 Firmware Focus 68 Focus 72r Firmware Connect 20 Mbp6855 Lux 65 Halo\+ Camera Firmware

Configuration 1 [-]

AND

cpe:2.3:o:binatoneglobal:halo\+_camera_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:halo\+_camera:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*

References

Link	Resource
https://binatoneglobal.com/security-advisory/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: lenovo

Published: 2021-11-12T22:05:49

Updated: 2021-11-12T22:05:49

Reserved: 2021-09-09T00:00:00

Link: CVE-2021-3791

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-12T22:15:08.367

Modified: 2021-11-16T18:39:20.437

Link: CVE-2021-3791

JSON object: View

Redhat Information

No data.

CWE

CWE-532