PT-2017-14778 · Vaultek · Vaultek Gun Safe VT20i

Published: 2017-12-07 · Updated: 2017-12-22 · CVE-2017-17435

CVSS v2.0: 8.3 (High)
Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Vaultek Gun Safe VT20i products
Description: An issue in the Vaultek Gun Safe VT20i products allows an attacker within Bluetooth Low Energy (BLE) radio range to unlock any safe without a valid PIN code. The safe does not verify the PIN code supplied in the authorization request, so authorization can be obtained with any value. The attack consists of writing a BLE characteristic to enable notifications, sending a crafted getAuthor packet to obtain a temporary key, and then sending an unlock packet carrying that temporary key. The safe opens without verifying the PIN or any other credential.
Recommendations: For Vaultek Gun Safe VT20i products, as a temporary workaround, disable the Bluetooth Low Energy (BLE) functionality until a patch is available. Restrict access to the safe's BLE advertisement (that is, limit who can come within radio range of the safe) to reduce the risk of exploitation. Avoid using the phone application for authorization until the issue is resolved. At the time of writing, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Authentication

Related Identifiers

CVE-2017-17435

Affected Products

Vaultek Gun Safe VT20i