Information Disclosure in Motorola-Branded Binatone Hubble Cameras
CVE-2021-3789

4.2MEDIUM

Key Information:

Vendor: Motorola
Status: Binatone Hubble Cameras
Vendor: CVE Published:; 12 November 2021

Summary

An information disclosure vulnerability exists in Motorola-branded Binatone Hubble Cameras, where an attacker with physical access could potentially retrieve the encryption key used for decrypting firmware update packages. This flaw raises significant security concerns, as it could enable malicious actors to manipulate or compromise the device's firmware.

Affected Version(s)

Binatone Hubble Cameras various

References

https://binatoneglobal.com/security-advisory/

x_refsource_MISC

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2021
Vulnerability Reserved
Sep 9, 2021

Credit

Motorola thanks Lennert Wouters and Günes Acar, imec-COSIC, KU Leuven, Belgium for reporting this issue.