2 matches found
Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay
Overview Qrio Smart Lock Q-SL2 provided by Qrio, inc. contains an authentication bypass by capture-replay vulnerability CWE-294. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#48687031: Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay
Qrio Smart Lock Q-SL2 provided by Qrio, inc. contains an authentication bypass by capture-replay vulnerability CWE-294. Impact An attacker may analyze the product's communication data and perform unintended operations under certain conditions. Solution Update the firmware and related products...