Lucene search

[email protected]CVE-2023-26942

HistoryDec 05, 2023 - 12:15 a.m.

CVE-2023-26942

2023-12-0500:15:08

CWE-326

[email protected]

web.nvd.nist.gov

cve-2023-26942

weak encryption

rfid tags

yale ia-210 alarm v1.0

cloned tag

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original.

Affected configurations

NVD

Node

assaabloyyale_ia-210_firmwareMatch1.0

AND

assaabloyyale_ia-210Match-

CPENameOperatorVersion
assaabloy:yale_ia-210_firmwareassaabloy yale ia-210 firmwareeq1.0

CPE	Name	Operator	Version
assaabloy:yale_ia-210_firmware	assaabloy yale ia-210 firmware	eq	1.0

References

arxiv.org/abs/2312.00021

www.researchgate.net/publication/375759408_Technical_Report_-_CVE-2022-46480_CVE-2023-26941_CVE-2023-26942_and_CVE-2023-26943#fullTextFileContent

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for CVE-2023-26942

cvelist1 prion1 nvd1