How severe is CVE-2018-17915?

CVE-2018-17915 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2018-17915

Name: xmeye_p2p_cloud_server
Author: xiongmaitech

9.8CRITICAL

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allo

Опубликовано: 10/10/2018Обновлено: 11/21/2024

Описание

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.

ИИ-АнализНа базе ИИ

Затронутые продукты

xiongmaitechxmeye_p2p_cloud_server

Ссылки

https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06
Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06
Third Party AdvisoryUS Government Resource