CVE-2020-3929

Summary

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.

Affected Software

VendorProductVersion RangeStatus
GeoVisionDoor Access Control DeviceGV-AS210 <= 2.21affected
GeoVisionDoor Access Control DeviceGV-AS410 <= 2.21affected
GeoVisionDoor Access Control DeviceGV-AS810 <= 2.21affected
GeoVisionDoor Access Control DeviceGV-GF192x <= 1.10affected
GeoVisionDoor Access Control DeviceGV-AS1010 <= 1.32affected

Weaknesses

  • Shared cryptographic keys

ADP Enrichment

CVE Program Container

Additional References

References