Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.6 views

PT-2024-15172 · Sciener · Sciener Firmware

Name of the Vulnerable Software and Affected Versions: TTLock App affected versions not specified Description: The issue arises from the TTLock App's failure to properly verify the device it is communicating with, allowing a device that spoofs the MAC address of a lock to connect and compromise t...

6.5CVSS6.9AI score0.00165EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.6 views

PT-2024-15173 · Unknown · Ttlock App

Name of the Vulnerable Software and Affected Versions: TTLock App affected versions not specified Description: A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through...

7.5CVSS6.9AI score0.00253EPSS
Exploits0References7
CERT
CERT
added 2024/03/07 12:0 a.m.64 views

Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks

Overview Sciener is a company that develops software and hardware for electronic locks that are marketed under many different brands. Their hardware works in tandem with an app, called the TTLock app, which is also produced by Sciener. The TTLock app utilizes Bluetooth connections to connect to...

9.8CVSS7.5AI score0.00503EPSS
Exploits0References2
NVD
NVD
added 2019/09/10 9:15 p.m.16 views

CVE-2019-12943

TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names...

8.1CVSS7.9AI score0.01052EPSS
Exploits0References1
NVD
NVD
added 2019/09/10 9:15 p.m.14 views

CVE-2019-12942

TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable...

6.5CVSS6.5AI score0.00756EPSS
Exploits0References1
Prion
Prion
added 2019/09/10 9:15 p.m.13 views

Design/Logic Flaw

TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names...

2.6CVSS7.7AI score0.01052EPSS
Exploits0References1
Prion
Prion
added 2019/09/10 9:15 p.m.15 views

Design/Logic Flaw

TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable...

3.3CVSS6.5AI score0.00756EPSS
Exploits0References1
CVE
CVE
added 2019/09/10 8:51 p.m.103 views

CVE-2019-12943

The CVE-2019-12943 entry concerns TTLock devices where password-reset attempts are not properly restricted, causing incorrect access control and disclosure of valid account names. Affected product: TTLock devices. Root cause: insufficient restrictions on password-reset flow. Impact: potential acc...

8.1CVSS7.7AI score0.01052EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/10 8:51 p.m.19 views

CVE-2019-12943

TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names...

7.9AI score0.01052EPSS
Exploits0References1
CVE
CVE
added 2019/09/10 8:48 p.m.95 views

CVE-2019-12942

TTLock devices are affected by CVE-2019-12942: guest access is not properly blocked in scenarios where the cloud network is unavailable. The available documents consistently reference TTLock devices and a failure to enforce access control when cloud connectivity is broken, with no concrete detail...

6.5CVSS6.5AI score0.00756EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/10 8:48 p.m.16 views

CVE-2019-12942

TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable...

6.5AI score0.00756EPSS
Exploits0References1
Rows per page
Query Builder