Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
References
Link | Resource |
---|---|
https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
22 Aug 2023, 18:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mydigoo dg-hamb Smart Home Security System Firmware
Mydigoo dg-hamb Smart Home Security System Mydigoo |
|
CWE | CWE-311 | |
CPE | cpe:2.3:h:mydigoo:dg-hamb_smart_home_security_system:-:*:*:*:*:*:*:* cpe:2.3:o:mydigoo:dg-hamb_smart_home_security_system_firmware:1.0:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 2.4 |
References | (MISC) https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure - Exploit, Third Party Advisory |
15 Aug 2023, 21:56
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-15 20:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-39842
Mitre link : CVE-2023-39842
CVE.ORG link : CVE-2023-39842
JSON object : View
Products Affected
mydigoo
- dg-hamb_smart_home_security_system_firmware
- dg-hamb_smart_home_security_system
CWE
CWE-311
Missing Encryption of Sensitive Data