The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature).
References
Link | Resource |
---|---|
https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
29 Jan 2024, 20:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219 - Third Party Advisory | |
CPE | cpe:2.3:h:meross:msh30q:-:*:*:*:*:*:*:* cpe:2.3:o:meross:msh30q_firmware:4.5.23:*:*:*:*:*:*:* |
|
CWE | CWE-294 | |
First Time |
Meross
Meross msh30q Firmware Meross msh30q |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
24 Jan 2024, 13:49
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Jan 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-23 21:15
Updated : 2024-01-29 20:58
NVD link : CVE-2023-46892
Mitre link : CVE-2023-46892
CVE.ORG link : CVE-2023-46892
JSON object : View
Products Affected
meross
- msh30q_firmware
- msh30q
CWE
CWE-294
Authentication Bypass by Capture-replay