Crestron Vulnérabilités

Chronologie

Taper

Not Defined	40

Produit

Crestron AM-100	16
Crestron AM-101	15
Crestron DM-TXRX-100-STR	6
Crestron AirMedia	4
Crestron AirMedia AM-100	4

Contre-mesures

Official Fix	20
Temporary Fix	0
Workaround	13
Unavailable	0
Not Defined	7

Exploitabilité

High	0
Functional	1
Proof-of-Concept	2
Unproven	0
Not Defined	37

Vecteur d'accès

Not Defined	0
Physical	0
Local	3
Adjacent	3
Network	34

Authentification

Not Defined	0
High	1
Low	10
None	29

Interaction de l'utilisateur

Not Defined	0
Required	1
None	39

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	1
≤6	3
≤7	7
≤8	4
≤9	13
≤10	11

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	1
≤5	1
≤6	5
≤7	7
≤8	4
≤9	11
≤10	11

VulDB

≤1	0
≤2	0
≤3	1
≤4	1
≤5	1
≤6	6
≤7	3
≤8	13
≤9	4
≤10	11

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	3
≤7	0
≤8	8
≤9	6
≤10	19

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	1
≤10	1

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	4
<2k	16
<5k	20
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	38
<2k	1
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (22): 3-Series Control Systems (1), AM-100 (16), AM-101 (15), AM-300 (1), AirMedia (4), AirMedia AM-100 (4), AirMedia AM-101 (2), Console (1), DM-NVX-DIR (1), DM-NVX-DIR80 (1), DM-NVX-ENT (1), DM-TXRX-100-STR (6), DMC-STRO (1), HD-MD4X2-4K-E (1), MC3 (2), TSW-560 (2), TSW-560-NC (2), TSW-760 (2), TSW-760-NC (2), TSW-1060 (2), TSW-1060-NC (2), TSW-X60 (2)

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
23/01/2024	8.0	7.9	Crestron AM-300 elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.04	CVE-2023-6926
18/07/2023	5.5	5.4	Crestron 3-Series Control Systems BACnet Packet dénie de service	Inconnue	Not Defined	Official Fix	0.00046	0.02	CVE-2023-38405
23/09/2022	8.8	8.6	Crestron AirMedia mauvaise	Inconnue	Not Defined	Official Fix	0.00104	0.02	CVE-2022-40298
14/09/2022	8.8	8.8	Crestron AirMedia Installation elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00104	0.00	CVE-2022-34100
14/09/2022	8.1	8.0	Crestron AirMedia Command Prompt elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00087	0.00	CVE-2022-34102
14/09/2022	6.3	6.0	Crestron AirMedia elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00076	0.00	CVE-2022-34101
15/01/2022	4.3	4.3	Crestron HD-MD4X2-4K-E Administrative Web Interface aj.html divulgation de l'information	Inconnue	Not Defined	Not Defined	0.03228	0.00	CVE-2022-23178
31/07/2021	6.3	6.0	Crestron DM-NVX-DIR/DM-NVX-DIR80/DM-NVX-ENT WebSocket Request Remote Code Execution	Inconnue	Not Defined	Official Fix	0.00092	0.00	CVE-2020-16839
27/11/2019	8.5	8.5	Crestron DMC-STRO Ping elévation de privilèges	Inconnue	Not Defined	Not Defined	0.02048	0.03	CVE-2019-18184
30/04/2019	8.5	8.4	Crestron AM-100/AM-101 Web Interface authentification faible	Inconnue	Not Defined	Workaround	0.00667	0.03	CVE-2019-3939

30 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 30 results.

◂ PrécédentAperçuSuivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!