18 matches found
EUVD-2019-15210
Malware in sbrugna...
EUVD-2019-15208
Malware in sbrugna...
EUVD-2019-15209
Malware in sbrugna...
CVE-2019-5633
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS,...
CVE-2019-5635
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption. This exposed the...
CVE-2019-5632
An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for...
CVE-2019-5633
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS,...
CVE-2019-5634
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy BLE from the mobile application are logged in...
Information disclosure
An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for...
Design/Logic Flaw
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy BLE from the mobile application are logged in...
Information disclosure
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS,...
CVE-2019-5634 Hickory Smart Lock Insecure Logging on Android
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy BLE from the mobile application are logged in...
CVE-2019-5635
CVE-2019-5635 describes a cleartext credential transmission in the Hickory Smart Ethernet Bridge (model H077646) from Belwith Products. The device reportedly communicates with an MQTT broker over the network without encryption, exposing the default username/password used for MQTT authentication. ...
CVE-2019-5635 Hickory Smart Lock Cleartext Password
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption. This exposed the...
CVE-2019-5632 Hickory Smart Lock Insecure Storage on Android
An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for...
CVE-2019-5632
CVE-2019-5632 affects Hickory Smart for Android (pre-01.01.43). Root cause: unencrypted sensitive data stored in the app’s Android SQLite database (SecureRemoteSmartDB.sqlite), enabling remote control of locks if data is exposed. Impact stated as information that could be used to control the lock...
CVE-2019-5633 Hickory Smart Lock Insecure Storage on iOS
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS,...
CVE-2019-5633
CVE-2019-5633 concerns insecure storage of sensitive data in Hickory Smart for iOS (Cache.db), enabling potential remote control of locks. Affected: Hickory Smart for iOS, version 01.01.07 and earlier. The connected ThreatPost report notes this CVE alongside related flaws (e.g., 2019-5632, 2019-5...