EUVD-2018-8094

Malware in sbrugna...

CVE-2018-16242

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

CVE-2018-16242

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

Design/Logic Flaw

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

CVE-2018-16242

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

CVE-2018-16242

The CVE-2018-16242 entry describes oBike’s use of Hangzhou Luoping Smart Locker, where an attacker can bypass the locking mechanism by replaying ciphertext in a BLE-based protocol that uses a predictable nonce. Affected component is the bicycle lock system's BLE lock protocol; the underlying issu...

oBike Electronic Lock Bypass

CVE-2018-16242 - oBike Electronic Lock Bypass Product: oBike bicycle-sharing service Vendor: oBike Inc. CVE ID: CVE-2018-16242 Subject: Access control bypass by replay attack on predictable nonce Effect: Unauthorized unlocking of bikes, cirumventing the ride-fees Author: Antoine Neuenschwander...