First published: Tue Apr 30 2019(Updated: )
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary can be used to decrypt any configuration file since all the encryption logic is hard coded. A local attacker can use this vulnerability to gain access to devices username and passwords.
Credit: vulnreport@tenable.com vulnreport@tenable.com
Affected Software | Affected Version | How to fix |
---|---|---|
Crestron AM-100 firmware | =1.6.0.2 | |
Crestron AM-100 | ||
Crestron AM-101 firmware | =2.7.0.2 | |
Crestron AM-101 | ||
All of | ||
Crestron AM-100 firmware | =1.6.0.2 | |
Crestron AM-100 | ||
All of | ||
Crestron AM-101 firmware | =2.7.0.2 | |
Crestron AM-101 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2019-3938.
The severity of CVE-2019-3938 is high with a CVSS score of 7.8.
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are affected by CVE-2019-3938.
Usernames, passwords, and other configuration options are stored in the encrypted configuration file generated via the "export configuration" feature.
At the moment, there is no known workaround or fix available for CVE-2019-3938. It is recommended to contact Crestron for further assistance.