CVE-2019-3928
Description
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become the presenter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Crestron AM-100/AM-101 SNMP OID leaks presentation passcode, allowing unauthenticated remote attackers to access locked presentations or become the presenter.
Vulnerability
CVE-2019-3928 is an information disclosure vulnerability in Crestron AM-100 (firmware 1.6.0.2) and AM-101 (firmware 2.7.0.2). The presentation passcode can be retrieved by any user via SNMP using the OID iso.3.6.1.4.1.3212.100.3.2.7.4 [1]. No authentication is required to query this OID. The affected devices are used for wireless presentation systems.
Exploitation
An unauthenticated attacker with network access to the affected device can send an SNMP GET request to the OID iso.3.6.1.4.1.3212.100.3.2.7.4. The device responds with the current presentation passcode. No special privileges or user interaction are required. The attacker only needs SNMP read access, which is typically enabled by default.
Impact
Successful exploitation allows the attacker to obtain the presentation passcode. With this code, the attacker can join a locked presentation or assume the role of presenter, potentially disrupting the presentation or accessing restricted content. The confidentiality and integrity of the presentation are compromised.
Mitigation
Crestron has not released a firmware update for this vulnerability as of the publication date (2019-04-30). The Tenable advisory [1] does not mention a fix. Users should restrict SNMP access to trusted hosts via network segmentation or firewall rules. If SNMP is not required, disable it on the device. The devices may be end-of-life; consult Crestron for further guidance.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Crestron/Crestron AirMedia (v5). Range: AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The SNMP agent exposes a read-only OID (iso.3.6.1.4.1.3212.100.3.2.7.4) that returns the presentation passcode without any authentication check."
Attack vector
An unauthenticated attacker on the network sends an SNMP GET request to the target device for OID iso.3.6.1.4.1.3212.100.3.2.7.4 [1]. The device responds with the current presentation passcode. With this code, the attacker can join a locked presentation or assume the presenter role [1]. No authentication or prior knowledge is required; the attacker only needs SNMP access to the device (typically UDP port 161).
Affected code
The advisory identifies the SNMP MIB object iso.3.6.1.4.1.3212.100.3.2.7.4 as the vulnerable OID on Crestron AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2 [1]. No specific source file or function name is provided in the advisory.
What the fix does
The advisory does not provide a patch or code diff [1]. The recommended remediation is to restrict SNMP access to trusted management hosts only, or to disable SNMP on the device if it is not needed. The vendor may also release a firmware update that adds authentication or access control to the affected OID.
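One way to check that the restriction to trusted management hosts actually holds, as an added example (not code from the advisory or from Crestron): the Python below walks the BER encoding of SNMP v1/v2c UDP payloads, seen in either direction, and reports any peer outside an allowlist whose traffic names the passcode OID. The function names, IP addresses, community string and packet bytes are constructed for illustration.

```python
# Added example: hypothetical names, constructed sample data; not the advisory's code.
PASSCODE_OID = (1, 3, 6, 1, 4, 1, 3212, 100, 3, 2, 7, 4)  # OID named on this page

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(data):
    """Decode BER OBJECT IDENTIFIER content bytes into a tuple of arcs."""
    arcs, value = [], 0
    for byte in data:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # last byte of this base-128 arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)  # the first byte packs the first two arcs
    return (first, arcs[0] - 40 * first, *arcs[1:])

def oids_in(buf):
    """Yield every OID in an SNMP message, descending into constructed types."""
    pos = 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        if tag == 0x06:  # OBJECT IDENTIFIER
            yield decode_oid(value)
        elif tag & 0x20:  # constructed: SEQUENCE or PDU
            yield from oids_in(value)

def flag_passcode_access(packets, trusted_hosts):
    """Return peers outside trusted_hosts whose SNMP traffic names the passcode OID."""
    hits = []
    for peer_ip, payload in packets:
        try:
            touched = any(o[:len(PASSCODE_OID)] == PASSCODE_OID for o in oids_in(payload))
        except (ValueError, IndexError):
            continue  # malformed BER: not SNMP this check can judge
        if touched and peer_ip not in trusted_hosts:
            hits.append(peer_ip)
    return hits

# Constructed SNMP v2c GetRequest payloads (community "public"), not captured traffic.
GET_PASSCODE = bytes.fromhex("302a 020101 04067075626c6963 a01d 020101 020100 020100 3012 3010 060c 2b06010401990c6403020704 0500")
GET_SYSDESCR = bytes.fromhex("3026 020101 04067075626c6963 a019 020101 020100 020100 300e 300c 0608 2b06010201010100 0500")
SAMPLE = [("192.0.2.10", GET_PASSCODE), ("198.51.100.23", GET_SYSDESCR), ("198.51.100.23", GET_PASSCODE)]
```

Matching on the OID in both requests and responses also catches a passcode returned to a GETNEXT walk, where the request itself never names the OID.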
Preconditions
- network: Attacker must have network access to the device's SNMP service (UDP 161)
- config: SNMP service must be enabled on the device (default configuration)
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
[1] www.tenable.com/security/research/tra-2019-20 (mitre, x_refsource_MISC)