Vulnerabilities > Abus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-21 | CVE-2020-28973 | Information Exposure vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.17 The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. | 5.0 |
| 2020-07-30 | CVE-2020-14158 | Improper Authentication vulnerability in Abus Secvest Hybrid Fumo50110 Firmware The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. | 6.4 |
| 2020-06-17 | CVE-2020-14157 | Information Exposure vulnerability in Abus Secvest Wireless Control Fube50001 Firmware The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). | 4.8 |
| 2019-09-03 | CVE-2019-14261 | Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01 An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. | 5.0 |
| 2019-05-14 | CVE-2019-9861 | Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01 Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way. | 4.8 |
| 2019-03-27 | CVE-2019-9860 | Insufficient Entropy in PRNG vulnerability in Abus products Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are not accepted anymore. | 5.0 |