CVE-2023-50128

{"id": "CVE-2023-50128", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2024-01-11T21:15:10.817", "references": [{"url": "http://hozard.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-294"}]}], "descriptions": [{"lang": "en", "value": "The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state."}, {"lang": "es", "value": "El sistema remoto sin llave del sistema de Hozard alarm system (alarmsystemen) v1.0 env\u00eda una se\u00f1al de radiofrecuencia id\u00e9ntica para cada solicitud, lo que da como resultado que un atacante pueda realizar ataques de repetici\u00f3n para desarmar el sistema de alarma."}], "lastModified": "2024-01-19T15:29:21.510", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F9A297A-6C1D-4276-8153-C23EE75FB0BB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}