12 matches found
CVE-2022-46480
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range...
The vulnerability of the Bluetooth LE component of the microprogramming software for biometric locks, Ultraloq UL3 2nd Gen Smart Lock, allows a intruder to disclose the protected information.
The vulnerability of the Bluetooth LE component of the microprogrammed biometric lock Ultraloq UL3 2nd Gen Smart Lock is related to session management errors. Exploiting this vulnerability could allow a remote attacker to disclose the protected information...
CVE-2022-46480
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range...
CVE-2022-46480
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range...
Session fixation
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range...
CVE-2022-46480
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range...
CVE-2022-46480
Technical details for CVE-2022-46480 are not provided in the supplied documents; no affected products, root cause, or remediation are disclosed here. Monitor for updates.
U-tec Ultraloq UL3 Security Breach
The U-tec Ultraloq UL3 is a series of smart door locks from U-tec. A security vulnerability exists in the U-tec Ultraloq UL3 version 02.27.0012, which stems from a session mismanagement and credential reuse issue in the stack, allowing an attacker to sniff the unlock code and unlock the device...
PT-2022-7195 · Ultraloq · Ultraloq Ul3 2Nd Gen Smart Lock
Name of the Vulnerable Software and Affected Versions: Ultraloq UL3 2nd Gen Smart Lock Firmware version 02.27.0012 Description: The issue is related to incorrect session management and credential re-use in the Bluetooth LE stack, allowing an attacker to sniff the unlock code and unlock the device...
Smart Lock Vulnerability
Yet another Internet-connected door lock is insecure: Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure and versatile smart deadbolt that offers keyless entry via your Bluetooth-enabled smartphone and code." Users can share temporary...
Smart Lock Turns Out to be Not So Smart, or Secure
Researchers are warning a keyless smart door lock made by U-tec, called Ultraloq, could allow attackers to track down where the device is being used and easily pick the lock – either virtually or physically. Ultraloq is a Bluetooth fingerprint and touchscreen door lock sold for about $200. It...
The not so ultra lock
This post couldn't have been written without @evstykas and @cybergibbons. I became aware of the Ultraloq from U-tec a few months ago. For a room door lock it has a range of what look like really good features: Ultraloq UL3 smart lever lock is designed to be "Real Keyless". You are free to use...