[Suggested description]
An issue was discovered on Alecto IVM-100 2019-11-12 devices.
The device comes with a serial interface at the board level. By
attaching to this serial interface and rebooting the device, a large
amount of information is disclosed. This includes the view password
and the password of the Wi-Fi access point that the device used.

------------------------------------------

[Vulnerability Type]
Incorrect Access Control

------------------------------------------

[Vendor of Product]
Alecto

------------------------------------------

[Affected Product Code Base]
Alecto IVM-100 - unknown.

------------------------------------------

[Affected Component]
Serial interface.

------------------------------------------

[Attack Type]
Physical

------------------------------------------

[Impact Information Disclosure]
true

------------------------------------------

[Attack Vectors]
An attacker needs to open up the device and physically attach wires as well as reboot the device.

------------------------------------------

[Has vendor confirmed or acknowledged the vulnerability?]
true

------------------------------------------

[Discoverer]
Willem Westerhof, Jasper Nota, Martijn Baalman from Qbit cyber security in cooperation with The Dutch consumer organisation

------------------------------------------

[Reference]
https://www.alecto.nl

Use CVE-2019-20462.