CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
20.7%
Thermal camera TMC series provided by THREE R SOLUTION CORP. JAPAN are vulnerable to insufficient technical documentation (CWE-1059).
The related documentation does not describe the existence of the network interface, nor the internal storage for pictures and measurement data.
The user of the affected product is not aware of the internally saved data.
By accessing the affected product physically, an attacker may retrieve the internal data.
Apply the workaround
Apply the workaround according to the information provided by the developer.
For more information, refer to the information provided by the developer.
All firmware versions of the following thermal cameras are affected by this vulnerability.