PT-2026-1557 · Auntyfey · Auntyfey Smart Combination Lock

Jabari Lucien

Publicado

2026-01-07

Atualizado

2026-01-07

CVE-2025-15474

CVSS v4.0

5.3

Média

Vetor

AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions AuntyFey Smart Combination Lock firmware versions as of 2025-12-24

Description The AuntyFey Smart Combination Lock firmware is susceptible to a denial of service. An unauthenticated attacker within Bluetooth Low Energy (BLE) range can repeatedly initiate BLE connections, disrupting keypad authentication and forcing the device into lockout states, thereby preventing legitimate users from unlocking it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Allocation of Resources Without Limits

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770

Identificadores relacionados

CVE-2025-15474

Produtos afetados

Auntyfey Smart Combination Lock

PT-2026-1557 · Auntyfey · Auntyfey Smart Combination Lock

CVE-2025-15474

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6