CVE-2023-7003

Name of the Vulnerable Software and Affected Versions Sciener firmware (affected versions not specified)

Description The issue concerns the use of a non-unique AES key in the pairing process between locks using Sciener firmware and wireless keypads. This key can be reused, potentially compromising other locks that utilize the same firmware. The affected locks include electronic locks such as Kontrol and Elock, which work in conjunction with the TTLock app.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.