Known Vulnerabilities for products from Crestron
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Crestron".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-38405 json | On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash. | 7.5 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-6926 json | On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash. | 7.8 - HIGH | 2024-01-23 | 2024-01-29 |
| CVE-2022-40298 json | Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulne... | 8.8 - HIGH | 2022-09-23 | 2023-08-08 |
| CVE-2022-34102 json | Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in w... | 8.8 - HIGH | 2022-09-13 | 2022-09-19 |
| CVE-2022-34101 json | A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a ma... | 7.8 - HIGH | 2022-09-13 | 2022-09-18 |
| CVE-2022-34100 json | A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user... | 8.8 - HIGH | 2022-09-13 | 2022-09-15 |
| CVE-2022-23178 json | An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switc... | 9.8 - CRITICAL | 2022-01-15 | 2023-03-28 |
| CVE-2020-16839 json | On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed b... | 7.5 - HIGH | 2021-07-30 | 2022-07-12 |
| CVE-2019-18184 json | Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function. | 9.8 - CRITICAL | 2019-11-27 | 2022-02-10 |
| CVE-2019-3939 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/mode... | 9.8 - CRITICAL | 2019-04-30 | 2022-12-06 |
| CVE-2019-3938 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration o... | 7.8 - HIGH | 2019-04-30 | 2022-12-06 |
| CVE-2019-3937 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and o... | 7.8 - HIGH | 2019-04-30 | 2020-10-16 |
| CVE-2019-3936 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted reque... | 7.5 - HIGH | 2019-04-30 | 2021-11-02 |
| CVE-2019-3935 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show vi... | 9.1 - CRITICAL | 2019-04-30 | 2022-12-06 |
| CVE-2019-3934 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending ... | 5.3 - MEDIUM | 2019-04-30 | 2020-10-16 |
| CVE-2019-3933 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply b... | 5.3 - MEDIUM | 2019-04-30 | 2020-10-16 |
| CVE-2019-3932 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-... | 9.8 - CRITICAL | 2019-04-30 | 2022-12-06 |
| CVE-2019-3931 json | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl bi... | 8.8 - HIGH | 2019-04-30 | 2020-10-16 |
| CVE-2019-3930 json | The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco w... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
| CVE-2019-3929 json | The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco w... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
Known software with vulnerabilities from Crestron
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Crestron | Mc3 Firmware | 1.502.0047.00 |