CVE-2018-19982 Information

Description

An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP Server Controller (HUB) Node (products which are controlled by HUB). The prerequisite is that the attacker is on the same network as the target HUB and can use IP Changer to change destination IP addresses (of all packets whose destination IP address is Server) to a proxy-server IP address. This allows sniffing of cleartext between Server and Controller. The cleartext command data is transmitted to Controller using the proxy server’s fake certificate and it is able to control each Node of the HUB. Also by operating HUB in Z-Wave Pairing Mode it is possible to obtain the Z-Wave network key.

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://github.com/min1233/CVE/blob/master/1

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.3