Vulnerability Details CVE-2023-26941
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.2%
CVSS Severity
CVSS v3 Score 6.5
References
- https://arxiv.org/abs/2312.00021
- https://www.researchgate.net/publication/375759408_Technical_Report_-_CVE-2022-46480_CVE-2023-26941_CVE-2023-26942_and_CVE-2023-26943#fullTextFileContent
- https://arxiv.org/abs/2312.00021
- https://www.researchgate.net/publication/375759408_Technical_Report_-_CVE-2022-46480_CVE-2023-26941_CVE-2023-26942_and_CVE-2023-26943#fullTextFileContent
Products affected by CVE-2023-26941
-
cpe:2.3:h:assaabloy:yale_conexis_l1:-
-
cpe:2.3:o:assaabloy:yale_conexis_l1_firmware:1.1.0