CVE-2021-3788

An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.

CVSS v3 6.8 MEDIUM
CVSS v2.0 4.6 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://binatoneglobal.com/security-advisory/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:binatoneglobal:halo\+_camera_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:halo\+_camera:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*

History

27 Oct 2022, 16:42

Type	Values Removed	Values Added
CWE	~~CWE-863~~	CWE-287

16 Nov 2021, 18:36

Type	Values Removed	Values Added
CWE		CWE-863
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.6 v3 : 6.8
CPE		cpe:2.3:h:binatoneglobal:mbp669_connect:-:::::::* cpe:2.3:h:binatoneglobal:mbp3855:-:::::::* cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:::::::* cpe:2.3:h:binatoneglobal:mbp6855:-:::::::* cpe:2.3:o:binatoneglobal:focus_68_firmware:-:::::::* cpe:2.3:h:binatoneglobal:cn50:-:::::::* cpe:2.3:h:binatoneglobal:lux_64:-:::::::* cpe:2.3:h:binatoneglobal:connect_view_65:-:::::::* cpe:2.3:o:binatoneglobal:connect_20_firmware:-:::::::* cpe:2.3:h:binatoneglobal:lux_85_connect:-:::::::* cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:::::::* cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:::::::* cpe:2.3:h:binatoneglobal:focus_68:v200:::::::* cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:::::::* cpe:2.3:h:binatoneglobal:cn40:-:::::::* cpe:2.3:o:binatoneglobal:cn40_firmware:-:::::::* cpe:2.3:o:binatoneglobal:halo\+_camera_firmware:::::::: cpe:2.3:o:binatoneglobal:cn75_firmware:-:::::::* cpe:2.3:o:binatoneglobal:lux_65_firmware:-:::::::* cpe:2.3:h:binatoneglobal:ease44:-:::::::* cpe:2.3:h:binatoneglobal:mbp3667:-:::::::* cpe:2.3:h:binatoneglobal:comfort_50_connect:-:::::::* cpe:2.3:o:binatoneglobal:lux_64_firmware:-:::::::* cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:::::::* cpe:2.3:h:binatoneglobal:cn75:-:::::::* cpe:2.3:o:binatoneglobal:mbp3855_firmware:::::::: cpe:2.3:h:binatoneglobal:halo\+_camera:-:::::::* cpe:2.3:o:binatoneglobal:cn50_firmware:-:::::::* cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:::::::: cpe:2.3:h:binatoneglobal:comfort_85_connect:-:::::::* cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:::::::* cpe:2.3:h:binatoneglobal:lux_65:-:::::::* cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:::::::* cpe:2.3:o:binatoneglobal:cn28_firmware:-:::::::* cpe:2.3:h:binatoneglobal:mbp4855:-:::::::* cpe:2.3:h:binatoneglobal:focus_72r:v100:::::::* cpe:2.3:o:binatoneglobal:focus_72r_firmware:::::::: cpe:2.3:h:binatoneglobal:connect_20:-:::::::* cpe:2.3:o:binatoneglobal:ease44_firmware:-:::::::* cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:::::::* cpe:2.3:h:binatoneglobal:cn28:-:::::::* cpe:2.3:h:binatoneglobal:focus_68:v100:::::::* cpe:2.3:h:binatoneglobal:comfort_40:-:::::::* cpe:2.3:h:binatoneglobal:focus_72r:v200:::::::*
References	~~(CONFIRM) https://binatoneglobal.com/security-advisory/ -~~	(CONFIRM) https://binatoneglobal.com/security-advisory/ - Vendor Advisory

12 Nov 2021, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-11-12 22:15

Updated : 2023-12-10 14:09

NVD link : CVE-2021-3788

Mitre link : CVE-2021-3788

CVE.ORG link : CVE-2021-3788

JSON object : View

Products Affected

binatoneglobal

focus_72r
connect_view_65
cn40
mbp669_connect
comfort_40_firmware
connect_view_65_firmware
mbp3667_firmware
lux_64
cn40_firmware
focus_68_firmware
ease44
lux_65
mbp6855
halo\+_camera_firmware
cn75_firmware
mbp669_connect_firmware
mbp6855_firmware
mbp3855_firmware
comfort_85_connect_firmware
mbp4855_firmware
focus_68
cn28_firmware
focus_72r_firmware
cn75
halo\+_camera
ease44_firmware
comfort_85_connect
cn28
lux_65_firmware
lux_85_connect_firmware
connect_20_firmware
lux_64_firmware
mbp4855
connect_20
cn50
comfort_40
mbp3855
comfort_50_connect_firmware
cn50_firmware
comfort_50_connect
mbp3667
lux_85_connect

CWE

CWE-287

Improper Authentication

CWE-1299

Missing Protection Mechanism for Alternate Hardware Interface

6.8 /10