10 matches found
EUVD-2018-12670
Malware in sbrugna...
EUVD-2019-7564
Malware in sbrugna...
CVE-2019-17098
Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior...
CVE-2019-17098 Use of Hard-coded Cryptographic Key vulnerability in August Connect Wi-Fi Bridge App
Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior...
CVE-2019-17098
This CVE concerns August Connect Wi‑Fi Bridge App and Firmware with a hard-coded cryptographic key. Affected: Android app v10.11.0 and earlier; Firmware v2.2.12 and earlier. Root cause: use of a hard-coded key in the crypto flow, enabling an attacker to decrypt an intercepted payload containing W...
August Connect Information Disclosure Vulnerability
August Connect is a bridge device for supporting Wi-Fi and smart lock connections. A security vulnerability exists in August Connect that stems from the program failing to securely transfer data between the August app and August Connect during configuration. An attacker could exploit the...
CVE-2018-20100
An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes them in an HTTP POST,...
Design/Logic Flaw
An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes them in an HTTP POST,...
CVE-2018-20100
The CVE-2018-20100 entry concerns August Connect devices where the configuration flow between the August app and August Connect exposes home Wi‑Fi credentials. Root cause: data is transferred over an unencrypted AP and the credentials are sent via HTTP POST using the AugustWifiDevice class, with ...
CVE-2018-20100
An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes them in an HTTP POST,...