PT-2023-27127 · Etekcity · Etekcity 3-In-1 Smart Door Lock
Ash Allen
·
Published
2023-08-15
·
Updated
2023-08-22
·
CVE-2023-39841
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Etekcity 3-in-1 Smart Door Lock version v1.0
Description
The issue is related to missing encryption in the RFID tag of the Etekcity 3-in-1 Smart Door Lock, which allows attackers to create a cloned tag via brief physical proximity to the original device.
Recommendations
For Etekcity 3-in-1 Smart Door Lock version v1.0, consider disabling the RFID tag functionality until a patch or fix is available to mitigate the risk of tag cloning.
Exploit
Fix
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Etekcity 3-In-1 Smart Door Lock