Incorrect Access Control in Alarm.com ADC-V522IR 0100b9 Devices: VPN Certificate Vulnerability

Incorrect Access Control in Alarm.com ADC-V522IR 0100b9 Devices: VPN Certificate Vulnerability

CVE-2019-9657 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control, a different issue than CVE-2018-19588. This occurs because of incorrect protection of VPN certificates (used for initiating a VPN session to the Alarm.com infrastructure) on the local camera device.

Learn more about our Infrastructure Penetration Testing.