Threats Tagged 'cwe-656'

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with various Geovision devices on the network, the utility may send privileged commands; in order to do so, the username and password of the device need to be provided. In some instances the command is broadcasted over UDP and the username/password are encrypted using a cryptographic protocol that appears to be derivated from Blowfish. However the symmetric key used for the encryption is also included in the packet, and thus the security of the username/password only relies on the "obscurity" of the encryption scheme. An attacker on the same LAN can listen to the broadcast traffic once an admin user interacts with the device, and decrypt the credentials using their own implementation of the algorithm. With this password the attacker would have full control over the device configuration, allowing them to change its ip address or even reset it to factory default.

CVE-2026-42363 is a critical vulnerability in GeoVision GV-IP Device Utility 9. 0. 5 where device authentication credentials are insufficiently protected. The utility broadcasts encrypted username and password credentials over UDP using a weak encryption scheme derived from Blowfish, but the symmetric key is included in the same packet. This reliance on security through obscurity allows an attacker on the same LAN to capture broadcast packets, decrypt the credentials, and gain full control over the device configuration, including changing IP addresses or resetting to factory defaults. No official patch or remediation guidance is currently available.

TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. The issue results from reliance on obscurity to secure network data. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22439.

MediumVulnerabilityUnited StatesChinaGermany+7#cve#cve-2024-5244#cwe-656

Exos 9300 instances are using a randomly generated database password to connect to the configured MSSQL server. The password is derived from static random values, which are concatenated to the hostname and a random string that can be read by every user from the registry. This allows an attacker to derive the database password and get authenticated access to the central exos 9300 database as the user Exos9300Common. The user has the roles ExosDialog and ExosDialogDotNet assigned, which are able to read most tables of the database as well as update and insert into many tables.

HighVulnerabilityGermanySwitzerlandAustria+7#cve#cve-2025-59093#cwe-656

An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attacker with physical access to the vehicle can bypass the encryption of log dumps on the In-Vehicle Infotainment (IVI) unit's storage. This allows the attacker to access and read system logs containing sensitive data, including personally identifiable information (PII) and location data. This vulnerability was introduced in a patch intended to fix CVE-2024-54728.

MediumVulnerabilityGermanyFranceUnited Kingdom+5#cve#cve-2025-7020#cwe-656