Halo Camera Firmware
CVE-2021-3788
MEDIUM
Severity by source
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.
AnalysisAI
An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-1299. An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device. Affected products include: Binatoneglobal Halo\+ Camera Firmware, Binatoneglobal Comfort 85 Connect Firmware, Binatoneglobal Mbp3855 Firmware, Binatoneglobal Focus 68 Firmware, Binatoneglobal Focus 72R Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Halo Camera Firmware
View allAn unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras tha
A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local ac
An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow a
A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow
An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow
Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypt
An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow a
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today