CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

CVE-2022-28386

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout e.g., requiring a reformat of the drive after 20 failed unlock attempts does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number...

CVE-2020-5727

Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system...

CVE-2019-10608

Information disclosure issue occurs as there is no binding between the secure keypad session and the secure display session that allows user to take control of the REE to stop the secure keypad session and read the keypad input. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...

The vulnerabilities of the functions adp5589_keypad_add() and adp5589_probe() in the ADP5589 driver (drivers/input/keyboard/adp5589-keys.c) in the Linux kernel allow a hacker to induce a service failure.

The vulnerability of the adp5589keypadadd and adp5589probe functions in the ADP5589 driver drivers/input/keyboard/adp5589-keys.c in the Linux kernel is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVE-2022-32503

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to this JTAG port may be able to connect to the device and bypass both hardware and software security protections. This affects Nuki Keypad before 1.9.2 and Nuki Fob before 1.8.1...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the presence of a stack buffer overflow that can be exploited by an attacker to execute...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions prior to Nuki Bridge v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that an attacker may be able to connect to the device and...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from a failure to implement access control for different BLE commands for different accounts...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from an attacker being able to use debugging functionality to control the execution of code o...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions of Nuki Bridge prior to v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad prior to v1.9.2, which stems from a lack of certificate validation for HTTP communications, allowing an...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that sending an incorrectly formatted HTTP verb can force a device to reboot...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that sending multiple incorrectly-formatted packets can prevent certain functio...

vNuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions prior to Nuki Bridge v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the presence of a buffer overflow that allows remote code execution...

Nuki Bridge 安全漏洞

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from a publicly available HTTP API that uses an unencrypted channel to provide a management...

PT-2024-11567 · Nuki · Nuki Keypad +1

Name of the Vulnerable Software and Affected Versions: Nuki Keypad versions prior to 1.9.2 Nuki Fob versions prior to 1.8.1 Description: An issue was discovered on certain Nuki Home Solutions devices, where an attacker with physical access to the JTAG port may be able to connect to the device and...

CVE-2023-7003 CVE-2023-7003

The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware...

CVE-2023-7003 CVE-2023-7003

The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware...

Sciener firmware security vulnerability

Sciener is a smart lock firmware from Sciener. The Sciener firmware has a security vulnerability that stems from the fact that the AES key for the pairing between the lock and the wireless keypad is not unique and can be reused...

Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks

Overview Sciener is a company that develops software and hardware for electronic locks that are marketed under many different brands. Their hardware works in tandem with an app, called the TTLock app, which is also produced by Sciener. The TTLock app utilizes Bluetooth connections to connect to...