Fermax
Products
4- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-48774 | Hig | 0.49 | 7.5 | 0.01 | Oct 11, 2024 | An issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware update process. | ||
| CVE-2025-2910 | Med | 0.45 | — | 0.00 | Mar 28, 2025 | User enumeration in the password reset module of the MeetMe authentication service in versions prior to 2024-09 allows an attacker to determine whether an email address is registered through specific error messages. | ||
| CVE-2025-2909 | Med | 0.45 | — | 0.00 | Mar 28, 2025 | The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information. | ||
| CVE-2025-2911 | Med | 0.34 | — | 0.00 | Mar 28, 2025 | Unauthorised access to the call forwarding service system in MeetMe products in versions prior to 2024-09 allows an attacker to identify multiple users and perform brute force attacks via extensions. | ||
| CVE-2017-16778 | 0.00 | — | 0.01 | Dec 24, 2019 | An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit… |
- risk 0.49cvss 7.5epss 0.01
An issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware update process.
- risk 0.45cvss —epss 0.00
User enumeration in the password reset module of the MeetMe authentication service in versions prior to 2024-09 allows an attacker to determine whether an email address is registered through specific error messages.
- risk 0.45cvss —epss 0.00
The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information.
- risk 0.34cvss —epss 0.00
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to 2024-09 allows an attacker to identify multiple users and perform brute force attacks via extensions.
- CVE-2017-16778Dec 24, 2019risk 0.00cvss —epss 0.01
An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit…