CVE-2018-19023

Name of the Vulnerable Software and Affected Versions Hetronic Nova-M versions prior to r161

Description The issue allows for unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state due to the use of fixed codes that can be reproducible by sniffing and re-transmission.

Recommendations For versions prior to r161, update to version r161 or later to resolve the issue. As a temporary workaround, consider implementing additional authentication or encryption mechanisms to prevent sniffing and re-transmission of commands. Restrict access to the system to minimize the risk of exploitation.