CVE-2023-1752

Name of the Vulnerable Software and Affected Versions Nexx Smart Home devices (affected versions not specified) Nexx Garage Door Controller (NXG-100B, NXG-200) Nexx Smart Plug (NXPG-100W) Nexx Smart Alarm (NXAL-100)

Description The issue is related to weaknesses in the authentication procedure of Nexx Smart Home devices. This could allow any user to register an already registered alarm or associated device with only the device’s MAC address.

Recommendations For Nexx Smart Home devices, consider restricting access to device registration until a patch is available. For Nexx Garage Door Controller, Nexx Smart Plug, and Nexx Smart Alarm, avoid using the device registration feature with only the device’s MAC address until the issue is resolved. As a temporary workaround, consider disabling device registration for already registered alarms or associated devices until a patch is available.