Lucene search

[email protected]CVE-2023-26943

HistoryDec 05, 2023 - 12:15 a.m.

CVE-2023-26943

2023-12-0500:15:08

CWE-326

[email protected]

web.nvd.nist.gov

cve-2023-26943

weak encryption

rfid tags

yale keyless lock

tag cloning

nvd

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a cloned tag via physical proximity to the original.

Affected configurations

NVD

Node

assaabloyyale_keyless_smart_lock_firmwareMatch1.0

AND

assaabloyyale_keyless_smart_lockMatch-

CPENameOperatorVersion
assaabloy:yale_keyless_smart_lock_firmwareassaabloy yale keyless smart lock firmwareeq1.0

CPE	Name	Operator	Version
assaabloy:yale_keyless_smart_lock_firmware	assaabloy yale keyless smart lock firmware	eq	1.0

References

arxiv.org/abs/2312.00021

www.researchgate.net/publication/375759408_Technical_Report_-_CVE-2022-46480_CVE-2023-26941_CVE-2023-26942_and_CVE-2023-26943#fullTextFileContent

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for CVE-2023-26943

prion1 nvd1 cvelist1