PT-2019-13043 · Glue · Glue Smart Lock

Published

2019-10-15

Updated

2020-08-24

CVE-2019-12944

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Glue Smart Lock version 2.7.8

Description The issue arises when the network connection is unavailable, and the device fails to properly block guest access in certain situations.

Recommendations For Glue Smart Lock version 2.7.8, consider restricting guest access manually until a patch is available to properly handle network connection unavailability.

Exploit

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2019-12944

Affected Products

Glue Smart Lock

PT-2019-13043 · Glue · Glue Smart Lock

CVE-2019-12944

Weakness Enumeration

Related Identifiers

Affected Products

References · 5