Hardcoded credentials

2020-09-3013:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.8%

JSON

Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior versions on Android. August Connect Firmware version 2.2.12 and prior versions.

CPENameOperatorVersion
august_homele10.11.0
connect_wi-fi_bridge_firmwarele2.2.12

CPE	Name	Operator	Version
	august_home	le	10.11.0
	connect_wi-fi_bridge_firmware	le	2.2.12

References

labs.bitdefender.com/2020/08/smart-locks-not-so-smart-with-wi-fi-security/