High severity7.5NVD Advisory· Published Aug 5, 2019· Updated Jun 17, 2026
CVE-2019-14475
CVE-2019-14475
Description
eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the system, or modify/delete internal programs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- eQ-3/Homematic CCU2description
- Range: <=2.47.15
Patches
Vulnerability mechanics
References
1- psytester.github.io/CVE-2019-14475nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.