CVE-2020-9462

2020-06-0415:49:28

mitre

www.cve.org

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

An issue was discovered in all Athom Homey and Homey Pro devices up to the current version 4.2.0. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup. Upon success, the attacker is able to further infiltrate the target’s Wi-Fi networks.

References

developer.athom.com/firmware