Sign-up

ID

VAR-201512-0023


CVE

CVE-2015-7930


TITLE

Adcon Telemetry A840 Telemetry Gateway Vulnerability to gain management access on base station

Trust: 0.8

sources: JVNDB: JVNDB-2015-006522

DESCRIPTION

Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party may gain administrative access. The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. Multiple information-disclosure vulnerabilities 3. An authentication-bypass vulnerability Attackers can exploit these issues to gain unauthorized access to affected device, obtain sensitive information, or bypass authentication mechanism and perform unauthorized actions. This may aid in further attacks

Trust: 2.61

sources: NVD: CVE-2015-7930 // JVNDB: JVNDB-2015-006522 // CNVD: CNVD-2015-08416 // BID: 79345 // VULHUB: VHN-85891 // VULMON: CVE-2015-7930

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-08416

AFFECTED PRODUCTS

vendor:adconmodel:a840 telemetry gateway base stationscope:eqversion:*

Trust: 1.0

vendor:adcon telemetrymodel:a840 telemetry gatewayscope:eqversion: -

Trust: 0.8

vendor:adconmodel:telemetry a840 telemetry gateway icsa-15-349-01scope: - version: -

Trust: 0.6

vendor:adconmodel:a840 telemetry gateway base stationscope: - version: -

Trust: 0.6

vendor:adconmodel:telemetry a850 telemetry gatewayscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2015-08416 // BID: 79345 // JVNDB: JVNDB-2015-006522 // CNNVD: CNNVD-201512-503 // NVD: CVE-2015-7930

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-7930
value: CRITICAL

Trust: 1.0

NVD: CVE-2015-7930
value: HIGH

Trust: 0.8

CNVD: CNVD-2015-08416
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201512-503
value: CRITICAL

Trust: 0.6

VULHUB: VHN-85891
value: HIGH

Trust: 0.1

VULMON: CVE-2015-7930
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-7930
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2015-08416
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-85891
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-7930
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2015-08416 // VULHUB: VHN-85891 // VULMON: CVE-2015-7930 // JVNDB: JVNDB-2015-006522 // CNNVD: CNNVD-201512-503 // NVD: CVE-2015-7930

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2015-006522 // NVD: CVE-2015-7930

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-503

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201512-503

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006522

PATCH
title:Base Stationsurl:http://www.adcon.at/index.php?option=com_hikashop&view=product&layout=listing&Itemid=219&lang=en
Trust: 0.8
title:Adcon Telemetry A840 Telemetry Gateway Hardcoded Certificate Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/68812
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-08416 // 
            
            
            
            JVNDB: JVNDB-2015-006522

EXTERNAL IDS
db:NVDid:CVE-2015-7930
Trust: 3.5
db:ICS CERTid:ICSA-15-349-01
Trust: 2.9
db:BIDid:79345
Trust: 2.7
db:JVNDBid:JVNDB-2015-006522
Trust: 0.8
db:CNNVDid:CNNVD-201512-503
Trust: 0.7
db:CNVDid:CNVD-2015-08416
Trust: 0.6
db:VULHUBid:VHN-85891
Trust: 0.1
db:VULMONid:CVE-2015-7930
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-08416 // 
            
            
            
            VULHUB: VHN-85891 // 
            
            
            
            VULMON: CVE-2015-7930 // 
            
            
            
            BID: 79345 // 
            
            
            
            JVNDB: JVNDB-2015-006522 // 
            
            
            
            CNNVD: CNNVD-201512-503 // 
            
            
            
            NVD: CVE-2015-7930

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-349-01
Trust: 3.0
url:http://www.securityfocus.com/bid/79345
Trust: 2.5
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7930
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7930
Trust: 0.8
url:http://www.adcon.at/index.php?option=com_content&view=article&id=75:a850-telemetry-gateway&catid=8&itemid=196&lang=en
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-08416 // 
            
            
            
            VULHUB: VHN-85891 // 
            
            
            
            VULMON: CVE-2015-7930 // 
            
            
            
            BID: 79345 // 
            
            
            
            JVNDB: JVNDB-2015-006522 // 
            
            
            
            CNNVD: CNNVD-201512-503 // 
            
            
            
            NVD: CVE-2015-7930

CREDITS
Aditya K. Sood
Trust: 0.9
sources:
            
            
            BID: 79345 // 
            
            
            
            CNNVD: CNNVD-201512-503

SOURCES
db:CNVDid:CNVD-2015-08416
db:VULHUBid:VHN-85891
db:VULMONid:CVE-2015-7930
db:BIDid:79345
db:JVNDBid:JVNDB-2015-006522
db:CNNVDid:CNNVD-201512-503
db:NVDid:CVE-2015-7930

LAST UPDATE DATE
2025-04-13T23:03:36.877000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-08416date:2015-12-23T00:00:00
db:VULHUBid:VHN-85891date:2016-11-28T00:00:00
db:VULMONid:CVE-2015-7930date:2016-11-28T00:00:00
db:BIDid:79345date:2015-12-15T00:00:00
db:JVNDBid:JVNDB-2015-006522date:2015-12-25T00:00:00
db:CNNVDid:CNNVD-201512-503date:2015-12-24T00:00:00
db:NVDid:CVE-2015-7930date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-08416date:2015-12-23T00:00:00
db:VULHUBid:VHN-85891date:2015-12-24T00:00:00
db:VULMONid:CVE-2015-7930date:2015-12-24T00:00:00
db:BIDid:79345date:2015-12-15T00:00:00
db:JVNDBid:JVNDB-2015-006522date:2015-12-25T00:00:00
db:CNNVDid:CNNVD-201512-503date:2015-12-17T00:00:00
db:NVDid:CVE-2015-7930date:2015-12-24T01:59:00.113