Design/Logic Flaw

2020-12-0115:15:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.7%

JSON

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.

CPENameOperatorVersion
acti9_powertag_link_firmwarelt001.008.007
acti9_powertag_link_hd_firmwarelt001.008.007
acti9_smartlink_el_b_firmwarelt1.2.1
acti9_smartlink_si_b_firmwarelt002.004.002
acti9_smartlink_si_d_firmwarelt002.004.002
wiser_energy_firmwarelt1.5.0
wiser_link_firmwarelt1.5.0

Name	Operator	Version
acti9_powertag_link_firmware	lt	001.008.007
acti9_powertag_link_hd_firmware	lt	001.008.007
acti9_smartlink_el_b_firmware	lt	1.2.1
acti9_smartlink_si_b_firmware	lt	002.004.002
acti9_smartlink_si_d_firmware	lt	002.004.002
wiser_energy_firmware	lt	1.5.0
wiser_link_firmware	lt	1.5.0

References

www.se.com/ww/en/download/document/SEVD-2020-287-03/