CVE-2021-3793
moderate-risk
Published 2021-11-12
An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware.
Do I need to act?
-
0.32% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10
Medium
NETWORK
/ LOW complexity
Affected Products (20)
Halo\+ Camera Firmware
Comfort 85 Connect Firmware
Mbp3855 Firmware
Focus 68 Firmware
Focus 72R Firmware
Cn28 Firmware
Cn50 Firmware
Comfort 40 Firmware
Comfort 50 Connect Firmware
Mbp4855 Firmware
Mbp3667 Firmware
Mbp669 Connect Firmware
Lux 64 Firmware
Lux 65 Firmware
Connect View 65 Firmware
Lux 85 Connect Firmware
Ease44 Firmware
Connect 20 Firmware
Mbp6855 Firmware
Cn40 Firmware
Affected Vendors
References (2)
Vendor Advisory
https://binatoneglobal.com/security-advisory/
Vendor Advisory
https://binatoneglobal.com/security-advisory/
45
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
1/34 · Minimal
Exposure
20/34 · Moderate