PT-2019-13042 · Ttlock · Ttlock

Published

2019-09-10

Updated

2019-09-12

CVE-2019-12943

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions TTLock devices (affected versions not specified)

Description The issue is related to incorrect access control, where TTLock devices do not properly restrict password-reset attempts. This can lead to the disclosure of sensitive information about valid account names.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-640

Related Identifiers

CVE-2019-12943

Affected Products

Ttlock

PT-2019-13042 · Ttlock · Ttlock

CVE-2019-12943

Weakness Enumeration

Related Identifiers

Affected Products

References · 2