CVE-2021-3577
high-risk
Published 2021-11-12
An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device.
Do I need to act?
!
86.4% chance of exploitation in next 30 days
EPSS score — higher than 14% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
ADJACENT_NETWORK
/ LOW complexity
Affected Products (20)
Halo\+ Camera Firmware
Comfort 85 Connect Firmware
Mbp3855 Firmware
Focus 68 Firmware
Focus 72R Firmware
Cn28 Firmware
Cn50 Firmware
Comfort 40 Firmware
Comfort 50 Connect Firmware
Mbp4855 Firmware
Mbp3667 Firmware
Mbp669 Connect Firmware
Lux 64 Firmware
Lux 65 Firmware
Connect View 65 Firmware
Lux 85 Connect Firmware
Ease44 Firmware
Connect 20 Firmware
Mbp6855 Firmware
Cn40 Firmware
Affected Vendors
References (2)
Vendor Advisory
https://binatoneglobal.com/security-advisory/
Vendor Advisory
https://binatoneglobal.com/security-advisory/
67
/ 100
high-risk
Severity
27/34 · High
Exploitability
20/34 · Moderate
Exposure
20/34 · Moderate