Vulnerability Details CVE-2022-30111
Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.1%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
- https://tiger-team-1337.blogspot.com/2022/05/rf-remote-mck-lock-predictable-rolling.html
- https://twitter.com/Kevin2600/status/1495007534419038213
- https://www.youtube.com/watch?v=EruaGuE-cWI
- https://tiger-team-1337.blogspot.com/2022/05/rf-remote-mck-lock-predictable-rolling.html
- https://twitter.com/Kevin2600/status/1495007534419038213
- https://www.youtube.com/watch?v=EruaGuE-cWI
Products affected by CVE-2022-30111
-
cpe:2.3:a:mck_smartlock_project:mck_smartlock:1.0