CVE-2015-3973
CVE-2015-3973 affects Janitza UMG power quality devices (UMG 508, 509, 511, 604, 605). The root cause is improper session token generation, where session tokens derive from the 4‑digit PIN plus a server‑generated challenge, enabling an attacker to potentially determine the PIN from session tokens...