5 matches found
CVE-2022-32507
An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE commands...
CVE-2022-32505
An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4...
CVE-2022-32506
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...
CVE-2022-32507
An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE commands...
CVE-2022-32507
CVE-2022-32507 involves a vulnerability in certain Nuki Home Solutions devices where BLE commands that should require privileged access could be invoked by unprivileged accounts due to missing access controls across account types. Affected products: Nuki Smart Lock 3.0 prior to 3.3.5 and Nuki Sma...