CVE-2014-2361

Name of the Vulnerable Software and Affected Versions OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules

Description The issue allows physically proximate attackers to spoof communication by obtaining the site security key after using direct hardware access or manual-setup mode, as no authentication is required for reading this key when BreeZ is used.

Recommendations For OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, consider implementing authentication for reading the site security key when BreeZ is used to prevent unauthorized access. As a temporary workaround, restrict physical access to the devices to minimize the risk of exploitation.