CVE-2023-28649

Name of the Vulnerable Software and Affected Versions OvrC cloud platform (affected versions not specified)

Description A vulnerability exists in the OvrC cloud platform where an attacker could impersonate a hub and send device requests to claim already claimed devices. The platform does not validate if the found devices are already managed by another user, allowing for potential unauthorized access. This issue is being actively exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.