Sign-up

ID

VAR-201304-0141


CVE

CVE-2013-0139


TITLE

Arecont Vision AV1355DN Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2013-03329 // CNNVD: CNNVD-201304-213

DESCRIPTION

The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69. Arecont Vision Provided by AV1355DN There is a service disruption (DoS) Vulnerabilities exist. Arecont Vision Provided by AV1355DN Is 69/UDP There is a problem in the processing of the packet addressed to it, and the service operation is interrupted (DoS) Vulnerabilities exist.A remote attacker may stop the recording function of the product. In order to resume the recording function, it is necessary to turn the product off and on again. The Arecont Vision AV1355DN is a network surveillance camera. Arecont Vision AV1355DN MegaDome has been compromised. Crashes can also be triggered by the tools Nessus and NMAP. Arecont Vision AV1355DN is prone to a denial-of-service vulnerability

Trust: 3.24

sources: NVD: CVE-2013-0139 // CERT/CC: VU#375180 // JVNDB: JVNDB-2013-002417 // CNVD: CNVD-2013-03329 // BID: 59067 // VULHUB: VHN-60141

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-03329

AFFECTED PRODUCTS

vendor:arecontmodel:vision av1355dn megadome camerascope:eqversion: -

Trust: 1.6

vendor:arecont visionmodel: - scope: - version: -

Trust: 0.8

vendor:arecont visionmodel:megadome series av1355dnscope: - version: -

Trust: 0.8

vendor:arecontmodel:vision av1355dn megadomescope: - version: -

Trust: 0.6

sources: CERT/CC: VU#375180 // CNVD: CNVD-2013-03329 // JVNDB: JVNDB-2013-002417 // CNNVD: CNNVD-201304-213 // NVD: CVE-2013-0139

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2013-0139
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2013-0139
value: HIGH

Trust: 1.0

CNVD: CNVD-2013-03329
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201304-213
value: HIGH

Trust: 0.6

VULHUB: VHN-60141
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-0139
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

NVD: CVE-2013-0139
severity: HIGH
baseScore: 7.8
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2013-03329
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-60141
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#375180 // CNVD: CNVD-2013-03329 // VULHUB: VHN-60141 // JVNDB: JVNDB-2013-002417 // CNNVD: CNNVD-201304-213 // NVD: CVE-2013-0139

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-0139

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-213

TYPE

Design Error

Trust: 0.3

sources: BID: 59067

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-002417

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#375180

PATCH
title:MegaDome Series - AV1355DNurl:http://www.arecontvision.com/product/MegaDome+Series/AV1355DN
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-002417

EXTERNAL IDS
db:CERT/CCid:VU#375180
Trust: 3.9
db:NVDid:CVE-2013-0139
Trust: 3.4
db:BIDid:59067
Trust: 1.6
db:JVNid:JVNVU94295396
Trust: 0.8
db:JVNDBid:JVNDB-2013-002417
Trust: 0.8
db:CNNVDid:CNNVD-201304-213
Trust: 0.7
db:CNVDid:CNVD-2013-03329
Trust: 0.6
db:VULHUBid:VHN-60141
Trust: 0.1
sources:
            
            
            CERT/CC: VU#375180 // 
            
            
            
            CNVD: CNVD-2013-03329 // 
            
            
            
            VULHUB: VHN-60141 // 
            
            
            
            BID: 59067 // 
            
            
            
            JVNDB: JVNDB-2013-002417 // 
            
            
            
            CNNVD: CNNVD-201304-213 // 
            
            
            
            NVD: CVE-2013-0139

REFERENCES
url:http://www.kb.cert.org/vuls/id/375180
Trust: 3.1
url:about vulnerability notes
Trust: 0.8
url:contact us about this vulnerability
Trust: 0.8
url:provide a vendor statement
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0139
Trust: 0.8
url:http://jvn.jp/cert/jvnvu94295396
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0139
Trust: 0.8
url:http://www.securityfocus.com/bid/59067
Trust: 0.6
sources:
            
            
            CERT/CC: VU#375180 // 
            
            
            
            CNVD: CNVD-2013-03329 // 
            
            
            
            VULHUB: VHN-60141 // 
            
            
            
            JVNDB: JVNDB-2013-002417 // 
            
            
            
            CNNVD: CNNVD-201304-213 // 
            
            
            
            NVD: CVE-2013-0139

CREDITS
Charles Corcoran
Trust: 0.9
sources:
            
            
            BID: 59067 // 
            
            
            
            CNNVD: CNNVD-201304-213

SOURCES
db:CERT/CCid:VU#375180
db:CNVDid:CNVD-2013-03329
db:VULHUBid:VHN-60141
db:BIDid:59067
db:JVNDBid:JVNDB-2013-002417
db:CNNVDid:CNNVD-201304-213
db:NVDid:CVE-2013-0139

LAST UPDATE DATE
2025-04-11T23:16:38.220000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#375180date:2013-04-15T00:00:00
db:CNVDid:CNVD-2013-03329date:2013-05-22T00:00:00
db:VULHUBid:VHN-60141date:2013-04-19T00:00:00
db:BIDid:59067date:2013-04-15T00:00:00
db:JVNDBid:JVNDB-2013-002417date:2013-04-22T00:00:00
db:CNNVDid:CNNVD-201304-213date:2013-04-19T00:00:00
db:NVDid:CVE-2013-0139date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CERT/CCid:VU#375180date:2013-04-15T00:00:00
db:CNVDid:CNVD-2013-03329date:2013-04-17T00:00:00
db:VULHUBid:VHN-60141date:2013-04-18T00:00:00
db:BIDid:59067date:2013-04-15T00:00:00
db:JVNDBid:JVNDB-2013-002417date:2013-04-22T00:00:00
db:CNNVDid:CNNVD-201304-213date:2013-04-16T00:00:00
db:NVDid:CVE-2013-0139date:2013-04-18T18:55:03.827