PT-2018-14284 · Telecrane · Telecrane F25 Series Radio Controls

Akira Urano

Published

2018-10-24

Updated

2020-09-18

CVE-2018-17935

CVSS v3.1

8.1

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Telecrane F25 Series Radio Controls versions prior to 00.0A

Description The issue concerns the use of fixed codes in the Telecrane F25 Series Radio Controls, which can be reproduced by sniffing and re-transmission. This allows for unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

Recommendations For versions prior to 00.0A, update to version 00.0A or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-294

Related Identifiers

CVE-2018-17935

ZDI-18-1315

Affected Products

Telecrane F25 Series Radio Controls

PT-2018-14284 · Telecrane · Telecrane F25 Series Radio Controls

CVE-2018-17935

Weakness Enumeration

Related Identifiers

Affected Products

References · 5