Vulnerabilities > Ecobee > Ecobee3 Lite Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-27952 Use of Hard-coded Credentials vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200
Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device.
network
low complexity
ecobee CWE-798
critical
 9.8
9.8
2021-08-03 CVE-2021-27953 NULL Pointer Dereference vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200
A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process.
network
low complexity
ecobee CWE-476
7.5
7.5
2021-08-03 CVE-2021-27954 Out-of-bounds Write vulnerability in Ecobee Ecobee3 Lite Firmware 4.5.81.200
A heap-based buffer overflow vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HKProcessConfig function of the HomeKit Wireless Access Control setup process.
network
low complexity
ecobee CWE-787
8.2
8.2