CVE-2023-44385

Name of the Vulnerable Software and Affected Versions Home Assistant Companion for iOS and macOS versions up to 2023.4

Description The issue allows attackers to send malicious links or QRs to victims, which can lead to calling arbitrary services in their Home Assistant installation. This can result in full compromise and remote code execution (RCE) when combined with other security advisories.

Recommendations For versions up to 2023.4, upgrade to version 2023.7 to address this issue. At the moment, there is no information about other workarounds for this vulnerability.