CVE-2023-6960

TTLock App virtual keys and settings are only deleted client side, and if preserved, can access the lock after intended deletion...

CVE-2023-6960 CVE-2023-6960

TTLock App virtual keys and settings are only deleted client side, and if preserved, can access the lock after intended deletion...

CVE-2023-6960

CVE-2023-6960 affects TTLock App and Sciener firmware in Kontrol Lux/Gateway G2 and TTLock App environments. Root cause: virtual keys and settings created/managed by the TTLock App are deleted only on the client side, leaving key information persisted on the lock itself; if preserved, these keys ...

TTLock Security Vulnerability

TTLock is a smart lock. The TTLock App suffers from a security vulnerability that stems from virtual keys and settings being deleted only on the client side, allowing an attacker to access the lock after deletion...

Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks

Overview Sciener is a company that develops software and hardware for electronic locks that are marketed under many different brands. Their hardware works in tandem with an app, called the TTLock app, which is also produced by Sciener. The TTLock app utilizes Bluetooth connections to connect to...

PT-2024-15143 · Sciener · Sciener Firmware

Name of the Vulnerable Software and Affected Versions: TTLock App affected versions not specified Description: The TTLock App has an issue where virtual keys and settings are only deleted on the client side. If these deleted items are preserved, they can still be used to access the lock after the...