CVE-2020-27488 – Loxone Miniserver devices with firmware before 11.1 (aka 11.1.9.3) are unable to use an au …

13 January 2021

Vuln ID: CVE-2020-27488

Published: 2021-01-13 20:15:12Z

Description: Loxone Miniserver devices with firmware before 11.1 (aka 11.1.9.3) are unable to use an authentication method that is based on the "signature of the update package." Therefore, these devices (or attackers who are spoofing these devices) can continue to use an unauthenticated cloud service for an indeterminate time period (possibly forever). Once an individual device’s firmware is updated, and authentication occurs once, the cloud service recategorizes the device so that authentication is subsequently always required, and spoofing cannot occur.

Source: NVD.NIST.GOV

Date:

13 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Hackers make millions of attempts to exploit WordPress plugin vulnerability26 April 2024
Cybersecurity provider Darktrace to be acquired by Thoma Bravo for $5.3B26 April 2024
BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 202326 April 2024
Kaiser Permanente shared 13.4M people’s data with Microsoft Bing, Google, others26 April 2024
Discover How DeepL Write Pro Enhances Accuracy and Security26 April 2024