OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.
Advisories
Source ID Title
EUVD EUVD EUVD-2014-2398 OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.
Fixes

Solution

OleumTech has created updates for both BreeZ and the gateway to mitigate all these vulnerabilities. These updates allow users to encrypt their wireless traffic with AES256. To obtain these updates, please log in to the OleumTech download center ( http://support.oleumtech.com/  ) or contact OleumTech tech support:Phone: 866-508-8586 Email: TechSupport@OleumTech.com


Workaround

No workaround given by the vendor.

History

Mon, 06 Oct 2025 17:45:00 +0000

Type Values Removed Values Added
Title OleumTech WIO Family Key Management Errors
Weaknesses CWE-320
References

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-10-06T17:31:55.409Z

Reserved: 2014-03-13T00:00:00

Link: CVE-2014-2361

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2014-07-24T14:55:07.190

Modified: 2025-10-06T18:15:47.420

Link: CVE-2014-2361

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.