In /usr/local/etc/config/addons/mh/ on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software update packages are downloaded via the HTTP protocol, which does not provide any cryptographic protection of the downloaded contents. An attacker with a privileged network position (which could be obtained via DNS spoofing of or other approaches) can exploit this issue in order to provide arbitrary malicious firmware updates to the CCU2. This can result in a full system compromise.

Published : 2018-02-22 19:29 Updated : 2019-10-03 00:03

CVSS Score More info
Score 9.3 / 10
Vendor Product Version URI
Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 cpe:/o:eq-3:homematic_central_control_unit_ccu2_firmware:2.29.22
  1. Eq-3 (1) Search CVE
    1. Homematic Central Control Unit Ccu2 Firmware (1) Search CVE
      1. 2.29.22


ID Name Description Links
CWE-319 Cleartext Transmission of Sensitive Information The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. CVE

History of changes

Date Event
2019-10-03 00:03
2018-03-19 14:32
2018-02-22 19:29