Lucene search

MitreCVE-2023-50128

HistoryJan 11, 2024 - 9:15 p.m.

CVE-2023-50128

2024-01-1121:15:10

CWE-294

mitre

web.nvd.nist.gov

hozard

alarm system

vulnerability

replay attack

disarmed state

cve-2023-50128

nvd

CVSS3

5.3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

15.5%

JSON

The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state.

Affected configurations

Nvd

Node

hozardalarm_systemMatch1.0

VendorProductVersionCPE
hozardalarm_system1.0cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hozard	alarm_system	1.0	cpe:2.3:a:hozard:alarm_system:1.0:::::::*

References

hozard.com

www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices

CVSS3

5.3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for CVE-2023-50128