PT-2024-13868 · Flient · Flient Smart Door Lock
Published
2024-01-11
·
Updated
2024-01-19
·
CVE-2023-50129
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Flient Smart Door Lock version 1.0
Description
The issue is related to missing encryption in the NFC tags of the Flient Smart Door Lock, allowing attackers to create a cloned tag via brief physical proximity to the original tags. This results in an attacker gaining access to the perimeter.
Recommendations
For Flient Smart Door Lock version 1.0, consider disabling the NFC tag functionality until a patch or fix that implements proper encryption is available. Restrict physical access to the door lock to minimize the risk of exploitation.
Exploit
Fix
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flient Smart Door Lock