GeoVision Door Access Control Device - Hardcoded privileged password
CVE-2020-3928

6.2MEDIUM

Key Information:

Vendor

Geovision

Status
Door Access Control Device
Vendor
CVE Published:
12 June 2020

What is CVE-2020-3928?

GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices.

Affected Version(s)

Door Access Control Device GV-AS210 <= 2.21

Door Access Control Device GV-AS410 <= 2.21

Door Access Control Device GV-AS810 <= 2.21

References

https://www.twcert.org.tw/tw/cp-132-3695-9e72d-1.html
x_refsource_MISC

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.