Vulnerabilities > Harman
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-16 | CVE-2019-19563 | Unspecified vulnerability in Harman Hermes 2.1 A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | 2.1 |
| 2020-11-16 | CVE-2019-19562 | Insecure Storage of Sensitive Information vulnerability in Harman Hermes 2.1 An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information. | 2.1 |
| 2020-11-16 | CVE-2019-19561 | Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.5 A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | 2.1 |
| 2020-11-16 | CVE-2019-19560 | Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.5 An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information. | 2.1 |
| 2020-11-16 | CVE-2019-19557 | Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.0 A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | 2.1 |
| 2020-11-16 | CVE-2019-19556 | Improper Authentication vulnerability in Harman Hermes 1.0 An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information. | 2.1 |
| 2019-05-15 | CVE-2019-11224 | OS Command Injection vulnerability in Harman AMX Mvp5150 Firmware 2.87.13 HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection. | 6.5 |
| 2016-01-22 | CVE-2016-1984 | Credentials Management vulnerability in Harman AMX Firmware 1.2.322/1.3.100 The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362. | 10.0 |
| 2016-01-22 | CVE-2015-8362 | Credentials Management vulnerability in Harman AMX Firmware 1.2.322/1.3.100 The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984. | 10.0 |