PT-2023-20864 · Yale · Yale Keyless Lock
Alexios Mylonas
+2
·
Publicado
2023-12-03
·
Atualizado
2024-01-16
·
CVE-2023-26943
CVSS v3.1
6.5
Média
| Vetor | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Yale Keyless Lock version v1.0
Description
The issue is related to weak encryption mechanisms in RFID Tags, which allows attackers to create a cloned tag via physical proximity to the original.
Recommendations
For Yale Keyless Lock version v1.0, consider disabling the RFID tag functionality until a patch or fix is available to strengthen the encryption mechanisms. Restrict physical access to the lock to minimize the risk of exploitation.
Exploit
Correção
Inadequate Encryption Strength
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Yale Keyless Lock