31 matches found
CVE-2023-50127
Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...
CVE-2023-50123
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
CVE-2023-50128
The remote keyless system of the Hozard alarm system alarmsystemen v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50127
Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50128
The remote keyless system of the Hozard alarm system alarmsystemen v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state...
CVE-2023-50123
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
CVE-2023-50128
The remote keyless system of the Hozard alarm system alarmsystemen v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state...
Authentication flaw
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
Default credentials
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50123
The CVE-2023-50123 entry concerns the Hozard Alarm system v1.0, where there is no limit on attempts to disarm via SMS authentication. The connected documents confirm the affected product and the root cause (unbounded attempt count enabling brute force to disarm). The impact is high (confidentiali...
Hozard Alarm system security breach
Hozard alarm system is an alarm system from Hozard. A security vulnerability exists in the Hozard Alarm system that originates from an unlimited number of attempts to place the system in a disarmed state...
Hozard Alarm system security breach
Hozard alarm system is an alarm system from Hozard. A security vulnerability exists in the Hozard Alarm system, which can be exploited to send commands to control the system from an arbitrary phone number...
Hozard Alarm system security breach
Hozard alarm system is an alarm system from Hozard. A security vulnerability exists in the Hozard Alarm system, which stems from a default engineer password that allows an attacker to place the alarm system in a disarmed state...
PT-2024-13866 · Unknown · Hozard Alarm System
Name of the Vulnerable Software and Affected Versions: Hozard alarm system Alarmsysteem version 1.0 Description: The issue concerns Improper Authentication in the Hozard alarm system. Specifically, commands sent via the SMS functionality are accepted from random phone numbers. This allows an...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50123
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
Hozard alarm system security breach
Hozard alarm system is an alarm system from Hozard. A security vulnerability exists in Hozard alarm system alarmsystemen version v1.0, which originates from a remote keyless system that sends the same RF signal for each request, and can be exploited by an attacker to conduct a replay attack and...