CVE-2020-11916

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased.

CVSS v3 6.3 MEDIUM

6.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.4

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://seclists.org/fulldisclosure/2024/Jul/14	Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jul/14

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:svakom:svakom_siime_eye_firmware:14.1.00000001.3.330.0.0.3.14:*:*:*:*:*:*:*

cpe:2.3:h:svakom:svakom_siime_eye:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-11-07 18:15

Updated : 2025-11-04 18:15

NVD link : CVE-2020-11916

Mitre link : CVE-2020-11916

CVE.ORG link : CVE-2020-11916

JSON object : View

Products Affected

svakom

svakom_siime_eye
svakom_siime_eye_firmware

CWE

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

{"id": "CVE-2020-11916", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2024-11-07T18:15:15.310", "references": [{"url": "https://seclists.org/fulldisclosure/2024/Jul/14", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/14", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-327"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Siime Eye 14.1.00000001.3.330.0.0.3.14. La contrase\u00f1a del usuario root se codifica mediante una t\u00e9cnica de codificaci\u00f3n antigua y obsoleta. Debido a esta codificaci\u00f3n obsoleta, la probabilidad de \u00e9xito de un atacante en un ataque de pirater\u00eda sin conexi\u00f3n aumenta considerablemente."}], "lastModified": "2025-11-04T18:15:38.280", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:svakom:svakom_siime_eye_firmware:14.1.00000001.3.330.0.0.3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D510DDF7-9FAF-427A-A5F7-8B0DA1253AEF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:svakom:svakom_siime_eye:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC39279C-49EA-4BA6-BA54-D12373D91C37"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}