Vulnerabilities > CVE-2019-12944 - Missing Authorization vulnerability in Gluehome Glue Smart Lock Firmware 2.7.8
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- https://www.kth.se/polopoly_fs/1.914054.1561620889%21/Examensarbete%20Final.pdf
- https://www.kth.se/polopoly_fs/1.914054.1561620889%21/Examensarbete%20Final.pdf
- https://www.kth.se/polopoly_fs/1.931930.1571073241%21/Vulnerability_Report_Glue_State_Consistency.pdf
- https://www.kth.se/polopoly_fs/1.931930.1571073241%21/Vulnerability_Report_Glue_State_Consistency.pdf