Vulnerabilities > CVE-2021-3577 - Incorrect Authorization vulnerability in Binatoneglobal products

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

binatoneglobal

CWE-863

NVD

Published: 2021-11-12

Updated: 2021-11-16

Summary

An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device.

Vulnerable Configurations

Part	Description	Count
OS	Binatoneglobal Binatoneglobal Halo+ Camera Firmware * Binatoneglobal Comfort 85 Connect Firmware * Binatoneglobal Mbp3855 Firmware * Binatoneglobal Focus 68 Firmware - Binatoneglobal Focus 72R Firmware * Binatoneglobal Cn28 Firmware - Binatoneglobal Cn50 Firmware - Binatoneglobal Comfort 40 Firmware - Binatoneglobal Comfort 50 Connect Firmware - Binatoneglobal Mbp4855 Firmware - Binatoneglobal Mbp3667 Firmware - Binatoneglobal Mbp669 Connect Firmware - Binatoneglobal LUX 64 Firmware - Binatoneglobal LUX 65 Firmware - Binatoneglobal Connect View 65 Firmware - Binatoneglobal LUX 85 Connect Firmware - Binatoneglobal Ease44 Firmware - Binatoneglobal Connect 20 Firmware - Binatoneglobal Mbp6855 Firmware - Binatoneglobal Cn40 Firmware - Binatoneglobal Cn75 Firmware -	21
Hardware	Binatoneglobal Binatoneglobal Halo+ Camera - Binatoneglobal Comfort 85 Connect - Binatoneglobal Mbp3855 - Binatoneglobal Focus 68 V100 Binatoneglobal Focus 68 V200 Binatoneglobal Focus 72R V100 Binatoneglobal Focus 72R V200 Binatoneglobal Cn28 - Binatoneglobal Cn50 - Binatoneglobal Comfort 40 - Binatoneglobal Comfort 50 Connect - Binatoneglobal Mbp4855 - Binatoneglobal Mbp3667 - Binatoneglobal Mbp669 Connect - Binatoneglobal LUX 64 - Binatoneglobal LUX 65 - Binatoneglobal Connect View 65 - Binatoneglobal LUX 85 Connect - Binatoneglobal Ease44 - Binatoneglobal Connect 20 - Binatoneglobal Mbp6855 - Binatoneglobal Cn40 - Binatoneglobal Cn75 -	23

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://binatoneglobal.com/security-advisory/