harman 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve vendor risk command injection and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-19563 | A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | [email protected] | 2.4 | 0.06% | 2020-11-16 | 2024-11-21 |
| CVE-2019-19562 | An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information. | [email protected] | 4.6 | 0.07% | 2020-11-16 | 2024-11-21 |
| CVE-2019-19561 | A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | [email protected] | 2.4 | 0.06% | 2020-11-16 | 2024-11-21 |
| CVE-2019-19560 | An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information. | [email protected] | 4.6 | 0.07% | 2020-11-16 | 2024-11-21 |
| CVE-2019-19557 | A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | [email protected] | 2.4 | 0.06% | 2020-11-16 | 2024-11-21 |
| CVE-2019-19556 | An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information. | [email protected] | 4.6 | 0.07% | 2020-11-16 | 2024-11-21 |
| CVE-2019-11224 | HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection. | [email protected] | 8.8 | 26.82% | 2019-05-15 | 2024-11-21 |
| CVE-2016-1984 | The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362. | [email protected] | 9.8 | 1.51% | 2016-01-22 | 2026-05-06 |
| CVE-2015-8362 | The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984. | [email protected] | 9.8 | 2.67% | 2016-01-22 | 2026-05-06 |