Vulnerabilities (CVE)

Filtered by vendor Simplisafe Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-5727 1 Simplisafe 2 Ss3, Ss3 Firmware 2024-11-21 2.1 LOW 4.6 MEDIUM
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system.
CVE-2019-3998 1 Simplisafe 2 Simplisafe Ss3, Simplisafe Ss3 Firmware 2024-11-21 1.9 LOW 5.5 MEDIUM
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to modify the Wi-Fi network the base station connects to.
CVE-2019-3997 1 Simplisafe 2 Ss3, Ss3 Firmware 2024-11-21 2.1 LOW 4.6 MEDIUM
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system.
CVE-2018-11402 1 Simplisafe 2 U9k-kp1000, U9k-kp1000 Firmware 2024-11-21 1.9 LOW 6.6 MEDIUM
SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate attackers to discover the PIN.
CVE-2018-11401 1 Simplisafe 2 U9k-bs1000, U9k-bs1000 Firmware 2024-11-21 4.9 MEDIUM 4.6 MEDIUM
In SimpliSafe Original, RF Interference (e.g., an extremely strong 433.92 MHz signal) by a physically proximate attacker does not cause a notification.
CVE-2018-11400 1 Simplisafe 2 U9k-bs1000, U9k-bs1000 Firmware 2024-11-21 4.9 MEDIUM 4.6 MEDIUM
In SimpliSafe Original, the Base Station fails to detect tamper attempts: it does not send a notification if a physically proximate attacker removes the battery and external power.
CVE-2018-11399 1 Simplisafe 8 U9k-es1000, U9k-es1000 Firmware, U9k-kr1 and 5 more 2024-11-21 1.9 LOW 4.3 MEDIUM
SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occur.