A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through revealing the unlockKey field.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/ |
History
Fri, 20 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Thu, 19 Dec 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through revealing the unlockKey field. | |
Title | CVE-2023-7005 | |
References |
|
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2024-12-19T17:35:45.594Z
Updated: 2024-12-20T17:47:11.828Z
Reserved: 2023-12-20T14:58:39.182Z
Link: CVE-2023-7005
Vulnrichment
Updated: 2024-12-20T17:47:02.718Z
NVD
Status : Received
Published: 2024-12-19T18:15:06.313
Modified: 2024-12-20T18:15:25.777
Link: CVE-2023-7005
Redhat
No data.