ByteOS Network

CVE Vulnerability Details :

CVE-2019-17098

PUBLISHED

More Info Official Page

Assigner-Bitdefender

Assigner Org ID-b3d5ebe7-963e-41fb-98e1-2edaeabb8f82

Published At-30 Sep, 2020 | 13:05

Updated At-17 Sep, 2024 | 03:28

▼CVE Numbering Authority (CNA)

Use of Hard-coded Cryptographic Key vulnerability in August Connect Wi-Fi Bridge App

Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior versions on Android. August Connect Firmware version 2.2.12 and prior versions.

Affected Products

Vendor

August

Product

Smart Lock and Connect Wi-Fi Bridge App

Platforms

Android

Versions

Affected

From unspecified through v10.11.0 (custom)

Vendor

August

Product

Connect Firmware

Versions

Affected

From unspecified through 2.2.12 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-321	CWE-321 Use of Hard-coded Cryptographic Key

Metrics

Version	Base score	Base severity	Vector
3.1	3.5	LOW	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Solutions

Updating the Android app fixes the issue.

Credits

Bitdefender Labs

References

Hyperlink	Resource
https://labs.bitdefender.com/2020/08/smart-locks-not-so-smart-with-wi-fi-security/	x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://labs.bitdefender.com/2020/08/smart-locks-not-so-smart-with-wi-fi-security/	x_refsource_MISC x_transferred

Affected Products

Affected

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References