34 matches found
CVE-2023-50127
Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...
CVE-2023-50123
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
CVE-2023-50128
The remote keyless system of the Hozard alarm system alarmsystemen v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50123
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
CVE-2023-50128
The remote keyless system of the Hozard alarm system alarmsystemen v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state...
CVE-2023-50127
Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...
CVE-2023-50126
Missing encryption in the RFID tags of the Hozard alarm system Alarmsysteem v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50128
The remote keyless system of the Hozard alarm system alarmsystemen v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state...
Authentication flaw
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
Default credentials
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
Hozard Alarm system security breach
Hozard alarm system is an alarm system from Hozard. A security vulnerability exists in the Hozard Alarm system, which stems from a default engineer password that allows an attacker to place the alarm system in a disarmed state...
CVE-2023-50128
The CVE-2023-50128 entry concerns the Hozard alarm system (alarmsystemen) v1.0 remote keyless system. The vulnerability arises because the RF signal emitted for each request is identical, enabling an attacker to perform replay attacks and disarm the alarm. This is supported by multiple sources (e...
CVE-2023-50125
A default engineer password set on the Hozard alarm system Alarmsysteem v1.0 allows an attacker to bring the alarm system to a disarmed state...
CVE-2023-50127
Hozard alarm system Alarmsysteem v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number...
CVE-2023-50123
The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...
CVE-2023-50126
CVE-2023-50126 concerns the Hozard alarm system (Alarmsysteem) v1.0, where RFID tags lack encryption. The Root Cause is missing encryption on RFID tags, enabling an attacker in close proximity to clone a tag and disarm the system. Documented impact is a disarmed state without broader system compr...
CVE-2023-50127
CVE-2023-50127 affects the Hozard alarm system (Alarmsysteem) v1.0 and is caused by an Improper Authentication flaw where SMS commands are accepted from random phone numbers, enabling an attacker to disarm the system from any number. Practical impact described across sources includes the ability ...