PT-2020-20659 · Tinxy · Tinxy Door Lock

Published

2020-06-23

Updated

2020-07-01

CVE-2020-9438

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Tinxy Door Lock versions prior to 3.2

Description The issue concerns the mishandling of door-access revocation, allowing attackers to unlock a door by replaying a previously authorized Unlock request.

Recommendations For versions prior to 3.2, update the firmware to version 3.2 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-294

Related Identifiers

CVE-2020-9438

Affected Products

Tinxy Door Lock

PT-2020-20659 · Tinxy · Tinxy Door Lock

CVE-2020-9438

Weakness Enumeration

Related Identifiers

Affected Products

References · 3