PT-2019-13967 · Smart Battery · Smart Battery A4

Published

2019-09-25

·

Updated

2020-10-16

·

CVE-2019-15068

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Smart Battery A4 firmware versions prior to r1.7.9
Description A broken access control issue allows an attacker to obtain or reset the administrator's password without authentication.
Recommendations For firmware versions prior to r1.7.9, update to version r1.7.9 or later to resolve the issue.

Fix

Missing Authentication

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-284

Related Identifiers

CVE-2019-15068

Affected Products

Smart Battery A4