Sebastian Auwärter

Name of the Vulnerable Software and Affected Versions: Tiiwee X1 Alarm System version TWX1HAKV2 Description: The issue allows for authentication bypass through capture-replay, resulting in physical access to protected facilities without triggering an alarm. Recommendations: For Tiiwee X1 Alarm System version TWX1HAKV2, consider implementing additional authentication measures to prevent capture-replay attacks, such as using a time-based one-time password (TOTP) or a HMAC-based one-time password (HOTP) algorithm, until a patch is available.

**Name of the Vulnerable Software and Affected Versions** eLinkSmart Hidden Smart Cabinet Lock (affected versions not specified) **Description** The issue is related to incorrect access control, where the system fails to perform an authorization check. This can lead to card duplication and other attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mengshen Wireless Door Alarm M70 (affected versions not specified) **Description** The issue allows for authentication bypass via a capture-replay approach. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.