CVE-2016-5669 - OpenCVE

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Crestron	Dm-txrx-100-str Dm-txrx-100-str Firmware

Configuration 1 [-]

AND

cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*

cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.kb.cert.org/vuls/id/974424
http://www.securityfocus.com/bid/92211

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2016-08-03T01:00:00

Updated: 2024-08-06T01:08:00.252Z

Reserved: 2016-06-16T00:00:00

Link: CVE-2016-5669

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2016-08-03T01:59:07.693

Modified: 2016-08-15T15:39:00.707

Link: CVE-2016-5669

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-08-01T00:00:00", "descriptions": [{"lang": "en", "value": "Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-08-05T12:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "92211", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92211"}, {"name": "VU#974424", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/974424"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2016-5669", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "92211", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92211"}, {"name": "VU#974424", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/974424"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:08:00.252Z"}, "title": "CVE Program Container", "references": [{"name": "92211", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/92211"}, {"name": "VU#974424", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/974424"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-5669", "datePublished": "2016-08-03T01:00:00", "dateReserved": "2016-06-16T00:00:00", "dateUpdated": "2024-08-06T01:08:00.252Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*", "matchCriteriaId": "A1CDE355-7ED9-40EA-A13B-03D00E3263B1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*", "matchCriteriaId": "D46F2C7B-856C-4AF2-ABC9-1E4CF7ED999C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship."}, {"lang": "es", "value": "Dispositivos Crestron Electronics DM-TXRX-100-STR con firmware en versiones anteriores a 1.3039.00040 usa un certificado codificado 0xb9eed4d955a59eb3 X.509 de un OpenSSL Test Certification Authority, lo que facilita a atacantes remotos llevar a cabo ataques man-in-the-middle contra sesiones HTTPS mediante el aprovechamiento de la relaci\u00f3n de confianza del certificado."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/321.html\">CWE-321: Use of Hard-coded Cryptographic Key</a>", "id": "CVE-2016-5669", "lastModified": "2016-08-15T15:39:00.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-08-03T01:59:07.693", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource", "VDB Entry"], "url": "http://www.kb.cert.org/vuls/id/974424"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/92211"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}