CVE-2023-50127

Name of the Vulnerable Software and Affected Versions Hozard alarm system (Alarmsysteem) version 1.0

Description The issue concerns Improper Authentication in the Hozard alarm system. Specifically, commands sent via the SMS functionality are accepted from random phone numbers. This allows an attacker to disarm the alarm system from any given phone number.

Recommendations For Hozard alarm system (Alarmsysteem) version 1.0, consider restricting access to the SMS functionality to trusted phone numbers as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.