CVE-2023-39842

Name of the Vulnerable Software and Affected Versions Digoo DG-HAMB Smart Home Security System version 1.0

Description The issue is related to missing encryption in the RFID tag of the system, allowing attackers to create a cloned tag via brief physical proximity to the original device. This can be exploited to gain unauthorized access.

Recommendations For Digoo DG-HAMB Smart Home Security System version 1.0, consider disabling the RFID tag functionality until a patch or fix is available to mitigate the risk of cloned tags being created. Restrict physical access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.