gsd-2023-7009
Vulnerability from gsd
Modified
2023-12-21 06:01
Details
Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less then 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be further exploited by an attacker to compromise the lock's integrity.
Aliases


To clipboard 

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-7009"
      ],
      "details": "Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less then 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be further exploited by an attacker to compromise the lock\u0027s integrity.",
      "id": "GSD-2023-7009",
      "modified": "2023-12-21T06:01:24.595083Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2023-7009",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Kontrol Lux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "6.5.x",
                          "version_value": "6.5.07"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Sciener"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less then 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be further exploited by an attacker to compromise the lock\u0027s integrity."
          }
        ]
      },
      "generator": {
        "engine": "VINCE 2.1.11",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-7009"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-311 Missing Encryption of Sensitive Data"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-319 Cleartext Transmission of Sensitive Information"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/",
            "refsource": "MISC",
            "url": "https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less then 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be further exploited by an attacker to compromise the lock\u0027s integrity."
          },
          {
            "lang": "es",
            "value": "Algunas cerraduras basadas en Sciener admiten el procesamiento de mensajes de texto plano a trav\u00e9s de Bluetooth Low Energy, lo que permite pasar comandos maliciosos sin cifrar a la cerradura. Estos comandos maliciosos, de menos de 16 bytes de longitud, ser\u00e1n procesados por la cerradura como si fueran comunicaciones cifradas. Un atacante puede aprovechar a\u00fan m\u00e1s esto para comprometer la integridad del bloqueo."
          }
        ],
        "id": "CVE-2023-7009",
        "lastModified": "2024-03-17T22:38:29.433",
        "metrics": {},
        "published": "2024-03-15T17:15:07.810",
        "references": [
          {
            "source": "cret@cert.org",
            "url": "https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/"
          }
        ],
        "sourceIdentifier": "cret@cert.org",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.