Authorization

2020-06-1620:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes.

CPENameOperatorVersion
mtn6260-0310_firmwarelt1.4.2
mtn6260-0315_firmwarelt1.4.2
mtn6260-0410_firmwarelt1.4.2
mtn6260-0415_firmwarelt1.4.2
mtn6501-0001_firmwarelt1.4.2
mtn6501-0002_firmwarelt1.4.2

Name	Operator	Version
mtn6260-0310_firmware	lt	1.4.2
mtn6260-0315_firmware	lt	1.4.2
mtn6260-0410_firmware	lt	1.4.2
mtn6260-0415_firmware	lt	1.4.2
mtn6501-0001_firmware	lt	1.4.2
mtn6501-0002_firmware	lt	1.4.2

References

www.se.com/ww/en/download/document/SEVD-2020-133-03/