6 matches found
CVE-2018-19023
Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state...
CVE-2018-19023
Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state...
CVE-2018-19023
Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state...
CVE-2018-19023
CVE-2018-19023 affects Hetronic Nova-M transmitters (prior to firmware r161) with fixed codes that can be sniffed and replayed to control receivers. ZDI-ZDI-19-003-03 details remote command replay via capture-replay without authentication; impact includes unauthorized command execution and device...
Hetronic Nova-M Replay Attack Vulnerability
This vulnerability allows remote attackers to issue commands on vulnerable installations of Hetronic equipment. Authentication is not required to exploit this vulnerability. The specific flaw exists with the communication between the transmitter and receiver pair. By using a fixed control code an...
Hetronic Nova-M
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit Vendor: Hetronic Equipment: Nova-M Vulnerability: Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands,...