all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

VU#949046: Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks

Add to bookmarks
March 7, 2024, 2:49 p.m. |

CERT Recently Published Vulnerability Notes kb.cert.org

Overview


Kontrol and Elock locks are electronic locks that utilize firmware provided by Sciener. This firmware works in tandem with an app, called the TTLock app, which is also produced by Sciener. The TTLock app utilizes Bluetooth connections to connect to locks that utilize the Sciener firmware, and allows for manipulation of the lock. Sceiner firmware locks also supports peripherals. The GatewayG2, also produced by Sciener, allows for connection to an appropriate lock through the TTLock app through WiFi. Sciener …

app attacks bluetooth called connect connections devices encryption file file upload firmware locks tandem upload vulnerable

Visit resource

More from kb.cert.org / CERT Recently Published Vulnerability Notes

VU#253266: Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models 1 week, 4 days ago | kb.cert.org
application arbitrary code attacker attackers +14
VU#123335: Multiple Programming Languages Fail to Escape Arguments Properly in Microsoft Windows 2 weeks, 3 days ago | kb.cert.org
arbitrary code attackers cases code +15
VU#155143: Linux kernel on Intel systems is susceptible to Spectre v2 attacks 2 weeks, 4 days ago | kb.cert.org
architectures attacker attacks bhi +20
VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks 3 weeks, 3 days ago | kb.cert.org
attacks can dos fragments +6
VU#417980: UDP-based, application-layer protocol implementations are vulnerable to network loops 1 month, 1 week ago | kb.cert.org
abuse application applications attacker +18
VU#488902: CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions 1 month, 1 week ago | kb.cert.org
architectures attacker can conditions +13
VU#949046: Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file … 1 month, 2 weeks ago | kb.cert.org
app attacks bluetooth called +11
VU#446598: GPU kernel implementations susceptible to memory leak 3 months, 1 week ago | kb.cert.org
access amd apple attacker +18
VU#302671: SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies 3 months, 1 week ago | kb.cert.org
attacker bypass can data +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Officer Hospital Laguna Beach

@ Allied Universal | Laguna Beach, CA, United States
View on infosec-jobs.com

Sr. Cloud DevSecOps Engineer

@ Oracle | NOIDA, UTTAR PRADESH, India
View on infosec-jobs.com

Cloud Operations Security Engineer

@ Elekta | Crawley - Cornerstone
View on infosec-jobs.com

Cybersecurity – Senior Information System Security Manager (ISSM)

@ Boeing | USA - Seal Beach, CA
View on infosec-jobs.com

Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs