PT-2023-27129 · Unknown · Suleve 5-In-1 Smart Door Lock
Ash Allen
·
Published
2023-08-15
·
Updated
2023-08-22
·
CVE-2023-39843
CVSS v3.1
2.4
Low
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Suleve 5-in-1 Smart Door Lock version v1.0
Description
The issue is related to missing encryption in the RFID tag of the Suleve 5-in-1 Smart Door Lock, which allows attackers to create a cloned tag via brief physical proximity to the original device.
Recommendations
For Suleve 5-in-1 Smart Door Lock version v1.0, consider disabling the RFID tag functionality until a patch or fix is available to mitigate the risk of tag cloning. Additionally, restrict physical access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Suleve 5-In-1 Smart Door Lock