Vulnerabilities > CVE-2019-5633 - Insecure Storage of Sensitive Information vulnerability in Belwith-Keeler Hickory Smart

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

belwith-keeler

CWE-922

NVD

Published: 2019-08-22

Updated: 2020-10-16

Summary

An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS, version 01.01.07 and prior versions.

Vulnerable Configurations

Part	Description	Count
Application	Belwith-Keeler Belwith Keeler Hickory Smart 1.0 Belwith Keeler Hickory Smart 01.01.03 Belwith Keeler Hickory Smart 01.01.04 Belwith Keeler Hickory Smart 01.01.05 Belwith Keeler Hickory Smart 01.01.06	5

Common Weakness Enumeration (CWE)

CWE-922 - Insecure Storage of Sensitive Information

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References