CVE-2020-3933
published 2020-02-11CVE-2020-3933: TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.
PriorityP428medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
1.24%
65.6th percentile
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| secom | dr.id_access_control | < 3.3.2 | 3.3.2 |
| secom | dr.id_attendance_system | < 3.3.0.3_20160517 | 3.3.0.3_20160517 |
| taiwan_secom_co_ltd | door_access_control_system | <= 3.3.2 | — |
| taiwan_secom_co_ltd | personnel_attendance_system | <= 3.3.0.3_20160517 | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760bhttps://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bachttps://www.twcert.org.tw/en/cp-139-3317-d4edc-2.htmlhttps://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760bhttps://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bachttps://www.twcert.org.tw/en/cp-139-3317-d4edc-2.html
2020-02-11
Published