Vulnerability Details : CVE-2019-15745
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart plugs in a network, take over control of a device, and perform actions such as turning it on and off.
Products affected by CVE-2019-15745
- cpe:2.3:o:equeshome:elf_smart_plug_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-15745
0.35%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 72 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-15745
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:P/I:N/A:N |
6.5
|
2.9
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2019-15745
-
The product contains hard-coded credentials, such as a password or cryptographic key.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-15745
-
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-one/
Exploiting the eques elf smart plug: Part one - The poetry of (in)securityExploit;Third Party Advisory
-
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-four/
Exploiting the eques elf smart plug: Part four - The poetry of (in)securityExploit;Third Party Advisory
-
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-two/
Exploiting the eques elf smart plug: Part two - The poetry of (in)securityExploit;Third Party Advisory
-
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-three/
Exploiting the eques elf smart plug: Part three - The poetry of (in)securityExploit;Third Party Advisory
-
https://github.com/iamckn/eques
GitHub - iamckn/eques: Exploit code/scripts for the eques elf smart plugsExploit;Third Party Advisory
Jump to