CVE-2020-9526 Information

Description

CS2 Network P2P through 3.x as used in millions of Internet of Things devices suffers from an information exposure flaw that exposes user session data to supernodes in the network as demonstrated by passively eavesdropping on user video/audio streams capturing credentials and compromising devices.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://hacked.camera/ https://redprocyon.com

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.9