CVE-2019-3932
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uart_bridge.
CRITICAL · CVSS 9.8
EPSS 0.083
Act now
- EPSS percentile: top 8% of all CVEs by exploitation likelihood
- Public exploit or PoC is available
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0