2 matches found
CVE-2015-6033
CVE-2015-6033 affects the Qolsys IQ Panel (aka QOL) before 1.5.1. Root cause: the device does not verify digital signatures of software updates, allowing a man‑in‑the‑middle to deliver a modified update and bypass access restrictions. Impact: remote, unauthenticated attacker could inject maliciou...
Qolsys IQ Panel contains multiple vulnerabilities
Overview All firmware versions of Qolsys IQ Panel contain hard-coded cryptographic keys, do not validate signatures during software updates, and use a vulnerable version of Android OS. Description Qolsys IQ Panel is an Android OS-based touch screen controller for home automation devices and...