17 matches found
EUVD-2021-15055
Malware in sbrugna...
EUVD-2023-58565
Malicious code in bioql PyPI...
EUVD-2023-58566
Malicious code in bioql PyPI...
IoT Cameras Exposed by Chainable Exploits, Millions Affected
By Deeba Ahmed A recent discovery of 4 security flaws in ThroughTek's Kalay platform leaves millions of IoT devices exposed. This article explores the security risks to your connected home and the broader threat to IoT devices. Act now – secure your smart devices! This is a post from HackRead.com...
CVE-2023-6324
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...
CVE-2023-6324
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...
CVE-2023-6323
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...
CVE-2023-6323
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...
CVE-2023-6324 ThroughTek Kalay SDK error in handling the PSK identity
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...
CVE-2023-6324 ThroughTek Kalay SDK error in handling the PSK identity
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...
CVE-2023-6323 ThroughTek Kalay SDK insufficient verification of message authenticity
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...
CVE-2023-6323 ThroughTek Kalay SDK insufficient verification of message authenticity
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...
ThroughTek Kalay Platform 数据伪造问题漏洞
Throughtek ThroughTek Kalay Platform is an application from China IOT Intelligence throughtek Inc. The Kalay Cloud Platform service is enabled using P2P technology. A data forgery issue vulnerability exists in ThroughTek Kalay Platform versions prior to 4.3.4.2, which stems from a vulnerability...
CVE-2021-28372
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...
CISA Releases Security Advisory for ThroughTek Kalay P2P SDK
CISA has released an Industrial Control Systems ICS advisory detailing a vulnerability affecting several versions of ThroughTek Kalay P2P Software Development Kit SDK. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrator...
PT-2021-3820 · Throughtek · Throughtek Kalay Platform +1
Name of the Vulnerable Software and Affected Versions: ThroughTek Kalay Platform version 2.0 ThroughTek Kalay P2P SDK affected versions not specified Description: The issue is related to the bypass of authentication via spoofing, allowing a remote attacker to compromise IoT devices and gain...
ThroughTek Kalay Platform 访问控制错误漏洞
throughtek ThroughTek Kalay Platform is an application from China IOT Intelligence Corporation throughtek Inc. The Kalay Cloud Platform service is enabled using P2P technology. An Access Control Error vulnerability exists in ThroughTek Kalay Platform that originates in the product network that...