PT-2020-13281 · Eq 3 · Eq-3 Homematic Central Control Unit
Psytester
·
Published
2020-05-15
·
Updated
2020-05-21
·
CVE-2020-12834
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
eQ-3 Homematic Central Control Unit (CCU) versions 2 through 2.51.6
eQ-3 Homematic Central Control Unit (CCU3) versions 3 through 3.51.6
Description
The issue allows Remote Code Execution in the JSON API Method
ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory reset.Recommendations
For eQ-3 Homematic Central Control Unit (CCU) versions 2 through 2.51.6, disable the default auto-login feature to prevent exploitation.
For eQ-3 Homematic Central Control Unit (CCU3) versions 3 through 3.51.6, disable the default auto-login feature to prevent exploitation.
As a temporary workaround, consider disabling the
ReGa.runScript method until a patch is available.Exploit
Fix
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Eq-3 Homematic Central Control Unit