Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-34553: Wireless Smart Lock Vulnerability Disclosure – Ash Allen

An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack.

CVE
#vulnerability

Skip to content

The details below discuss the vulnerabilities found in the following devices:

WAFU Keyless Smart Lock (firmware v1.0) – CVE-2023-34553

An attacker can use a software-defined radio to capture commands sent to the alarm from the remote keyfob. As no rolling code is implemented, it is a simple matter to play back the code and gain full access to the alarm’s functions. As an example, see the following image, comparing subsequent keypresses of the arm/disarm keyfob:

As of 22nd May, 2023, no fix has been released for this issue. Given that this is a vulnerability with the device hardware, we do not believe that this can be rectified with software updates.

Post navigation

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907