CVE-2020-10206
Severity CVSS v4.0:
Pending analysis
Type:
CWE-798
Use of Hard-coded Credentials
Publication date:
30/12/2020
Last modified:
14/01/2021
Description
Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact with the video output of the device.
Impact
Base Score 3.x
4.40
Severity 3.x
MEDIUM
Base Score 2.0
3.60
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:amino:ak45x_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:amino:ak45x:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:amino:ak5xx_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:amino:ak5xx:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:amino:ak65x_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:amino:ak65x:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:amino:aria6xx_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:amino:aria6xx:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:amino:aria7xx_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:amino:aria7xx:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:amino:kami7b_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:amino:kami7b:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page