Sign-up

ID

VAR-201512-0025


CVE

CVE-2015-7932


TITLE

Adcon Telemetry A840 Telemetry Gateway Vulnerability to obtain important information in base station

Trust: 0.8

sources: JVNDB: JVNDB-2015-006524

DESCRIPTION

Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to obtain sensitive information by sniffing the network. The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. A hard-coded credentials security-bypass vulnerability 2. Multiple information-disclosure vulnerabilities 3. An authentication-bypass vulnerability Attackers can exploit these issues to gain unauthorized access to affected device, obtain sensitive information, or bypass authentication mechanism and perform unauthorized actions. This may aid in further attacks

Trust: 2.61

sources: NVD: CVE-2015-7932 // JVNDB: JVNDB-2015-006524 // CNVD: CNVD-2015-08415 // BID: 79345 // VULHUB: VHN-85893 // VULMON: CVE-2015-7932

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-08415

AFFECTED PRODUCTS

vendor:adconmodel:a840 telemetry gateway base stationscope:eqversion:*

Trust: 1.0

vendor:adcon telemetrymodel:a840 telemetry gatewayscope:eqversion: -

Trust: 0.8

vendor:adconmodel:telemetry a840 telemetry gateway icsa-15-349-01scope: - version: -

Trust: 0.6

vendor:adconmodel:a840 telemetry gateway base stationscope: - version: -

Trust: 0.6

vendor:adconmodel:telemetry a850 telemetry gatewayscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2015-08415 // BID: 79345 // JVNDB: JVNDB-2015-006524 // CNNVD: CNNVD-201512-505 // NVD: CVE-2015-7932

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-7932
value: HIGH

Trust: 1.0

NVD: CVE-2015-7932
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-08415
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201512-505
value: MEDIUM

Trust: 0.6

VULHUB: VHN-85893
value: MEDIUM

Trust: 0.1

VULMON: CVE-2015-7932
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-7932
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2015-08415
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-85893
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-7932
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2015-08415 // VULHUB: VHN-85893 // VULMON: CVE-2015-7932 // JVNDB: JVNDB-2015-006524 // CNNVD: CNNVD-201512-505 // NVD: CVE-2015-7932

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-85893 // JVNDB: JVNDB-2015-006524 // NVD: CVE-2015-7932

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-505

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201512-505

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006524

PATCH
title:Base Stationsurl:http://www.adcon.at/index.php?option=com_hikashop&view=product&layout=listing&Itemid=219&lang=en
Trust: 0.8
title:Adcon Telemetry A840 Telemetry Gateway Information Disclosure Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/68813
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-08415 // 
            
            
            
            JVNDB: JVNDB-2015-006524

EXTERNAL IDS
db:NVDid:CVE-2015-7932
Trust: 3.5
db:ICS CERTid:ICSA-15-349-01
Trust: 2.9
db:BIDid:79345
Trust: 2.7
db:JVNDBid:JVNDB-2015-006524
Trust: 0.8
db:CNNVDid:CNNVD-201512-505
Trust: 0.7
db:CNVDid:CNVD-2015-08415
Trust: 0.6
db:VULHUBid:VHN-85893
Trust: 0.1
db:VULMONid:CVE-2015-7932
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-08415 // 
            
            
            
            VULHUB: VHN-85893 // 
            
            
            
            VULMON: CVE-2015-7932 // 
            
            
            
            BID: 79345 // 
            
            
            
            JVNDB: JVNDB-2015-006524 // 
            
            
            
            CNNVD: CNNVD-201512-505 // 
            
            
            
            NVD: CVE-2015-7932

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-349-01
Trust: 3.0
url:http://www.securityfocus.com/bid/79345
Trust: 2.5
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7932
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7932
Trust: 0.8
url:http://www.adcon.at/index.php?option=com_content&view=article&id=75:a850-telemetry-gateway&catid=8&itemid=196&lang=en
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-08415 // 
            
            
            
            VULHUB: VHN-85893 // 
            
            
            
            VULMON: CVE-2015-7932 // 
            
            
            
            BID: 79345 // 
            
            
            
            JVNDB: JVNDB-2015-006524 // 
            
            
            
            CNNVD: CNNVD-201512-505 // 
            
            
            
            NVD: CVE-2015-7932

CREDITS
Aditya K. Sood
Trust: 0.9
sources:
            
            
            BID: 79345 // 
            
            
            
            CNNVD: CNNVD-201512-505

SOURCES
db:CNVDid:CNVD-2015-08415
db:VULHUBid:VHN-85893
db:VULMONid:CVE-2015-7932
db:BIDid:79345
db:JVNDBid:JVNDB-2015-006524
db:CNNVDid:CNNVD-201512-505
db:NVDid:CVE-2015-7932

LAST UPDATE DATE
2025-04-13T23:03:36.765000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-08415date:2015-12-23T00:00:00
db:VULHUBid:VHN-85893date:2016-11-28T00:00:00
db:VULMONid:CVE-2015-7932date:2016-11-28T00:00:00
db:BIDid:79345date:2015-12-15T00:00:00
db:JVNDBid:JVNDB-2015-006524date:2015-12-25T00:00:00
db:CNNVDid:CNNVD-201512-505date:2015-12-24T00:00:00
db:NVDid:CVE-2015-7932date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-08415date:2015-12-23T00:00:00
db:VULHUBid:VHN-85893date:2015-12-24T00:00:00
db:VULMONid:CVE-2015-7932date:2015-12-24T00:00:00
db:BIDid:79345date:2015-12-15T00:00:00
db:JVNDBid:JVNDB-2015-006524date:2015-12-25T00:00:00
db:CNNVDid:CNNVD-201512-505date:2015-12-17T00:00:00
db:NVDid:CVE-2015-7932date:2015-12-24T01:59:02.067