Lucene search
K

128 matches found

Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.3 views

CVE-2023-50123

The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...

8AI score0.00613EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.5 views

CVE-2023-50126

Missing encryption in the RFID tags of the Hozard alarm system Alarmsysteem v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state...

6.2AI score0.00097EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.19 views

CVE-2023-50123

The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...

8.2AI score0.00613EPSS
Exploits1References1
CVE
CVE
added 2024/01/11 12:0 a.m.43 views

CVE-2023-50126

CVE-2023-50126 concerns the Hozard alarm system (Alarmsysteem) v1.0, where RFID tags lack encryption. The Root Cause is missing encryption on RFID tags, enabling an attacker in close proximity to clone a tag and disarm the system. Documented impact is a disarmed state without broader system compr...

6.5CVSS6.2AI score0.00097EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/11 12:0 a.m.46 views

CVE-2023-50123

The CVE-2023-50123 entry concerns the Hozard Alarm system v1.0, where there is no limit on attempts to disarm via SMS authentication. The connected documents confirm the affected product and the root cause (unbounded attempt count enabling brute force to disarm). The impact is high (confidentiali...

8.1CVSS7.9AI score0.00613EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.25 views

CVE-2023-50127

Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...

5.9AI score0.00444EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.22 views

CVE-2023-50126

Missing encryption in the RFID tags of the Hozard alarm system Alarmsysteem v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state...

6.5AI score0.00097EPSS
Exploits0References1
CVE
CVE
added 2024/01/11 12:0 a.m.41 views

CVE-2023-50125

The CVE concerns the Hozard Alarm system (Alarmsysteem) v1.0, where a default engineer password enables an attacker to disarm the system. Documents consistently describe the root cause as the use of a default credentials credential, leading to potential unauthorized disarming. Reported impact is ...

5.9CVSS5.7AI score0.00376EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.5 views

CVE-2023-50127

Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...

5.7AI score0.00444EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

Hozard Alarm system security breach

Hozard alarm system is an alarm system from Hozard. The Hozard Alarm system has a security vulnerability that stems from the lack of encryption of RFID tags...

6.5CVSS6.9AI score0.00097EPSS
Exploits0References2
CVE
CVE
added 2024/01/11 12:0 a.m.47 views

CVE-2023-50127

CVE-2023-50127 affects the Hozard alarm system (Alarmsysteem) v1.0 and is caused by an Improper Authentication flaw where SMS commands are accepted from random phone numbers, enabling an attacker to disarm the system from any number. Practical impact described across sources includes the ability ...

5.9CVSS5.7AI score0.00444EPSS
Exploits1References1Affected Software1
Malwarebytes
Malwarebytes
added 2023/11/20 8:0 a.m.13 views

A week in security (November 13 – November 19)

Last week on Malwarebytes Labs: Signal is testing usernames so you don’t have to share your phone number State of Maine data breach impacts 1.3 million people Credit card skimming on the rise for the holiday shopping season Update now! Microsoft patches 3 actively exploited zero-days Ransomware...

7.3AI score
Exploits0
NVD
NVD
added 2023/05/24 12:15 a.m.22 views

CVE-2023-31759

Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack...

7.5CVSS7.7AI score0.00286EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/05/24 12:15 a.m.6 views

CVE-2023-31759

Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack...

7.5CVSS5.8AI score0.00286EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/23 12:0 a.m.8 views

CVE-2023-31759

Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack...

7.5AI score0.00286EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.23 views

CVE-2023-31759

Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack...

7.9AI score0.00286EPSS
Exploits0References2
CVE
CVE
added 2023/05/23 12:0 a.m.68 views

CVE-2023-31759

CVE-2023-31759 affects the Kerui W18 Alarm System v1.0, specifically the 433MHz keyfob. The vulnerability enables a code replay attack to gain full system access, as described in multiple connected sources. The CVSS v3.1 metrics indicate an adjacent attack vector, high complexity, no privileges o...

7.5CVSS7.6AI score0.00286EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.5 views

PT-2023-23452 · Kerui · Kerui W18 Alarm System

Name of the Vulnerable Software and Affected Versions: Kerui W18 Alarm System version 1.0 Description: The issue concerns weak security in the 433MHz keyfob of the Kerui W18 Alarm System, allowing attackers to gain full access via a code replay attack. Recommendations: For Kerui W18 Alarm System...

7.5CVSS7.7AI score0.00286EPSS
Exploits0References7
NVD
NVD
added 2021/12/15 7:15 a.m.12 views

CVE-2021-40171

The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BGU-ITR-F1-BDBL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system...

5.3CVSS0.00924EPSS
Exploits0References2
OSV
OSV
added 2021/12/15 7:15 a.m.3 views

CVE-2021-40171

The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BGU-ITR-F1-BDBL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system...

5.3CVSS5.8AI score0.00924EPSS
Exploits0References2
Rows per page
Query Builder