MidnightBSD

Advisories for securitashome

CVE-2021-40170 MEDIUM

An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to trigger arbitrary system functionality by replaying previously recorded signals. This lets an adversary, among other things, disarm an armed system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H 1.6 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-294,

Products Affected

Vendor Product Version
securitashome securitashome_alarm_system_firmware hpgw-g_0.0.2.23f_bg_u-itr-f1-bd_bl.a30.20181117
CVE-2021-40171 MEDIUM

The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
securitashome securitashome_alarm_system_firmware hpgw-g_0.0.2.23f_bg_u-itr-f1-bd_bl.a30.20181117