Sciener Kontrol Lux

4 CVEs affecting Sciener Kontrol Lux. Latest disclosed: 2024-03-15. Critical: 2, High: 1.

Top CVEs affecting Sciener Kontrol Lux
CVESeverityScorePublishedSummary
CVE-2023-7017Critical9.82024-03-15Sciener locks' firmware update mechanism do not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A cha…
CVE-2023-7006Critical9.12024-03-15The unlockKey character in a lock using Sciener firmware can be brute forced through repeated challenge requests, compromising the locks integrity.
CVE-2023-7009High8.22024-03-15Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. Thes…
CVE-2023-7003Medium6.82024-03-15The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other lo…