CVE-2019-9583
Published: 2019-08-14
Priority: P3 (42) · Severity: high · CVSS 3.1 base score: 8.2
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:L / A:H
EPSS: 1.88% (76.8th percentile)
eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eq-3 | ccu2_firmware | <= 2.47.15 | — |
| eq-3 | ccu3_firmware | <= 3.47.15 | — |
| eq-3 | homematic_ccu2_firmware | 9 entries whose version values were not extracted (the description enumerates 9 affected CCU2 versions) | — |
| eq-3 | homematic_ccu3_firmware | 6 entries whose version values were not extracted (the description enumerates 6 affected CCU3 versions) | — |
CVSS provenance
NVD, CVSS v3.1: 8.2 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
NVD, CVSS v2.0: 6.4 MEDIUM, AV:N/AC:L/Au:N/C:N/I:P/A:P
GHSA
GHSA-943c-f2xw-gmr9 · CVE-2019-14475 · HIGH · CWE-862 · CVSS 8.2 · unreviewed · 2022-05-24
eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the system, or modify/delete internal programs.
GHSA
GHSA-v52j-7xj8-6pgc · CVE-2019-14474 · HIGH · CWE-20 · CVSS 8.2 · unreviewed · 2022-05-24
eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call()' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can start this attack too.
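The two descriptions above (CVE-2019-9583: a session ID is handed out without login; CVE-2019-14475: privileged actions only check that the presented session ID exists, CWE-862) describe one anti-pattern, so the following is an added, self-contained illustration of it and of the corrected design. It is constructed for this page and is not CCU firmware code or the psytester PoC: the controller classes, the user store, the `MAX_SESSIONS` table size and the action names are assumptions chosen to make the pattern testable. The session-table exhaustion at the end shows a generic consequence of login-less session issuance; the page does not say which mechanism produces the CCU's Denial of Service.

```python
"""Constructed example: session IDs issued before login, with ID-existence
as the only authorization gate, next to a hardened controller. Not CCU code."""
import secrets
import time
from dataclasses import dataclass, field
from typing import Optional

# Assumed, deliberately small session table so the exhaustion path is reachable.
MAX_SESSIONS = 32


@dataclass
class Session:
    sid: str
    user: Optional[str] = None      # stays None until a login succeeds
    role: str = "anonymous"
    created: float = field(default_factory=time.monotonic)


class WeakController:
    """Vulnerable pattern: anyone who can reach the service gets a session ID,
    and privileged actions only check that the ID is present in the table."""

    def __init__(self) -> None:
        self.sessions: dict[str, Session] = {}
        self.users: dict[str, tuple[str, str]] = {"Admin": ("hunter2", "admin")}

    def get_session_id(self) -> str:
        # No credentials required, so an unauthenticated caller fills the table.
        if len(self.sessions) >= MAX_SESSIONS:
            raise RuntimeError("session table exhausted")
        sid = secrets.token_hex(8)
        self.sessions[sid] = Session(sid)
        return sid

    def login(self, sid: str, user: str, password: str) -> bool:
        s = self.sessions.get(sid)
        stored = self.users.get(user)
        if s is None or stored is None or stored[0] != password:
            return False
        s.user, s.role = user, stored[1]
        return True

    def create_user(self, sid: str, name: str, password: str, role: str) -> bool:
        # CWE-862: "is this a known session ID?" is the only gate. It never asks
        # whether the session was authenticated or whether it holds the admin role.
        if sid not in self.sessions:
            return False
        self.users[name] = (password, role)
        return True


class HardenedController:
    """Fix: an ID is minted only by a successful login, bound to the principal
    and its role, and every privileged action checks that role. Unauthenticated
    callers cannot grow the table, so exhausting it needs valid credentials."""

    def __init__(self) -> None:
        self.sessions: dict[str, Session] = {}
        self.users: dict[str, tuple[str, str]] = {"Admin": ("hunter2", "admin")}

    def login(self, user: str, password: str) -> Optional[str]:
        stored = self.users.get(user)
        if stored is None or not secrets.compare_digest(stored[0].encode(), password.encode()):
            return None
        if len(self.sessions) >= MAX_SESSIONS:
            return None
        sid = secrets.token_hex(16)
        self.sessions[sid] = Session(sid, user=user, role=stored[1])
        return sid

    def _require(self, sid: str, role: str) -> Optional[Session]:
        s = self.sessions.get(sid)
        if s is None or s.user is None or s.role != role:
            return None
        return s

    def create_user(self, sid: str, name: str, password: str, role: str) -> bool:
        if self._require(sid, "admin") is None:
            return False
        self.users[name] = (password, role)
        return True


def run_weak() -> dict:
    """Unauthenticated caller: obtain an ID, add an admin user, then fill the table."""
    ctl = WeakController()
    sid = ctl.get_session_id()                     # no login involved
    created = ctl.create_user(sid, "backdoor", "x", "admin")
    exhausted = False
    try:
        for _ in range(MAX_SESSIONS):
            ctl.get_session_id()
    except RuntimeError:
        exhausted = True
    return {"created_user_without_login": created,
            "backdoor_is_admin": ctl.users.get("backdoor", ("", ""))[1] == "admin",
            "table_exhausted_anonymously": exhausted}


def run_hardened() -> dict:
    """Same attacker against the fixed controller: no ID without login, no action without role."""
    ctl = HardenedController()
    guess = secrets.token_hex(16)                  # attacker cannot mint one, only guess
    blocked = not ctl.create_user(guess, "backdoor", "x", "admin")
    admin_sid = ctl.login("Admin", "hunter2")
    allowed = admin_sid is not None and ctl.create_user(admin_sid, "ops", "y", "user")
    return {"anonymous_blocked": blocked, "admin_allowed": allowed,
            "sessions_open": len(ctl.sessions)}


if __name__ == "__main__":
    print("weak:", run_weak())
    print("hardened:", run_hardened())
```

The point of the hardened variant is that a session ID is a bearer token for an already-authenticated principal, never a substitute for authentication: minting it after credential verification closes CVE-2019-9583's pattern, and checking the bound role on each action closes the CWE-862 pattern of CVE-2019-14475. When reviewing a device or service for this class of bug, look for any handler that accepts a session ID it did not issue through a login path, and any privileged handler whose only check is a lookup of that ID.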
GHSA
GHSA-49c8-8f9w-rcc6 · CVE-2019-9583 · MEDIUM · unreviewed · 2022-05-24
GHSA-49c8-8f9w-rcc6: eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login
Description: identical to the CVE description above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References:
https://github.com/psytester/psytester.github.io/blob/master/_posts/hacking_and_pentests/CVEs/2019-03-27-CVE-2019-9583.md
https://psytester.github.io/CVE-2019-9583/