CVE-2017-16778 Information

Description

An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject the tone via the speaker unit to perform an access grant and gain unauthorized access, as demonstrated by a loud DTMF tone representing ‘1’ and a long ‘#’ (697 Hz and 1209 Hz followed by 941 Hz and 1477 Hz).

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

4.6

Base Severity

MEDIUM