Vulnerabilities > CVE-2018-17935 - 7PK - Security Features vulnerability in Telecrane products

047910
CVSS 4.8 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
low complexity
telecrane
CWE-254

Summary

All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

Common Weakness Enumeration (CWE)