Details of VAR-201804-1730

ID

VAR-201804-1730

TITLE

Heidman (Advent) Offline Sales Doorbell Series Has Replay Attack Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2018-04294

DESCRIPTION

Heideman Electric Co., Ltd. is a comprehensive high-tech enterprise integrating the development, production and sales of small household appliances such as doorbells and night lights. Heidman (Advent) offline sales doorbell series has a replay attack vulnerability. An attacker can use this vulnerability to replay the doorbell signal, which can cause the doorbell to respond without restriction and emit a ringtone.

Trust: 0.6

sources: CNVD: CNVD-2018-04294

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-04294

AFFECTED PRODUCTS

vendor:

heideman electric

model:

offline sales doorbell series j-228

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2018-04294

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2018-04294
value:	LOW
Trust: 0.6

CNVD:	CNVD-2018-04294
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2018-04294

PATCH

title:

Heidman (Advent) Doorbell Can Replay Unrestrictedly Has Intelligent Hardware Vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/119389

Trust: 0.6

sources: CNVD: CNVD-2018-04294

EXTERNAL IDS

db:

CNVD

id:

CNVD-2018-04294

Trust: 0.6

sources: CNVD: CNVD-2018-04294

SOURCES

db:

CNVD

id:

CNVD-2018-04294

LAST UPDATE DATE

2022-05-04T10:04:21.508000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2018-04294

date:

2018-03-08T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2018-04294

date:

2018-04-12T00:00:00