CVE-2018-8864 Information

Description

In ATI Systems Emergency Mass Notification Systems (HPSS16 HPSS32 MHPSS and ALERT4000) devices a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Reference

http://www.securityfocus.com/bid/103721 https://ics-cert.us-cert.gov/advisories/ICSA-18-100-01

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

3.1