Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2019-5964 |
CWE-ID | CWE-288 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software Subscribe |
iDoors Reader Mobile applications / Apps for mobile phones |
Vendor | A.T.WORKS, Inc. |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU18948
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5964
CWE-ID:
CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Exploit availability: No
DescriptioniDoors Reader: before 2.10.17
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.