go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::

Date:
Font-stze:

GeoVision Door Access Control Device - Shared cryptographic keys

Public Date 2020-06-12
Affected Products GV-AS210 version prior to 2.21, GV-AS410 version prior to 2.21, GV-AS810 version prior to 2.21, GV-GF192x version prior to 1.10, and GV-AS1010 version prior to 1.32
Description GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages.
CVE ID CVE-2020-3929
Solution Update to version 2.22 in GV-AS210, version 2.22 in GV-AS410, version 2.22 in GV-AS810, version 1.22 in GV-GF192x, version 1.33 in GV-AS1010
Credit Acronis
Top