Vulnerabilities > Ecobee

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-08-03 | CVE-2021-27952 | Use of Hard-coded Credentials vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200 | Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. | network | low complexity | ecobee | CWE-798 | critical 9.8 |
| 2021-08-03 | CVE-2021-27953 | NULL Pointer Dereference vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200 | A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. | network | low complexity | ecobee | CWE-476 | 7.5 |
| 2021-08-03 | CVE-2021-27954 | Out-of-bounds Write vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200 | A heap-based buffer overflow vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HKProcessConfig function of the HomeKit Wireless Access Control setup process. | network | low complexity | ecobee | CWE-787 | 8.2 |
| 2020-04-14 | CVE-2018-6402 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ecobee Ecobee4 Firmware 4.2.0.171 | Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and connect to an unencrypted Wi-Fi network with the same SSID, even if the device settings specify use of encryption such as WPA2, as long as the competing network has a stronger signal. | | high complexity | ecobee | CWE-327 | 7.5 |