13 matches found
EUVD-2017-8600
Malware in sbrugna...
EUVD-2017-8599
Malware in sbrugna...
Vaultek Gun Safe VT20i Information Disclosure Vulnerability (CNVD-2018-00316)
The Vaultek Gun Safe VT20i aka BlueSteal is a fingerprint-enabled gun safe product. A security vulnerability exists in the Vaultek Gun Safe VT20i that stems from the program's failure to encrypt the session between the Android application and the safe. An attacker could exploit the vulnerability ...
Vaultek Gun Safe VT20i Information Disclosure Vulnerability
The Vaultek Gun Safe VT20i aka BlueSteal is a fingerprint-enabled gun safe product. An information disclosure vulnerability exists in the Vaultek Gun Safe VT20i. A remote attacker could exploit this vulnerability to open any safe in this product line...
CVE-2017-17436
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...
Code injection
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...
CVE-2017-17435
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...
CVE-2017-17436
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...
CVE-2017-17435
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...
CVE-2017-17436
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...
CVE-2017-17435
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...
CVE-2017-17435
CVE-2017-17435 (Vaultek VT20i / BlueSteal) : A vulnerability in Vaultek Gun Safe VT20i products allows remote unlocking without a valid PIN. An attacker who observes the BLE advertisement can write a BLE characteristic to enable notifications, craft a getAuthor packet that returns a temporary key...
CVE-2017-17436
Technical details about CVE-2017-17436 are not present in the provided connected documents. No specific affected products, versions, root cause, or remediation are disclosed here. Monitor for updates as new information becomes available.