Vulnerabilities > Hozard > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2023-50125 | Insufficiently Protected Credentials vulnerability in Hozard Alarm System 1.0 A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker to bring the alarm system to a disarmed state. | 5.9 |
| 2024-01-11 | CVE-2023-50126 | Missing Encryption of Sensitive Data vulnerability in Hozard Alarm System 1.0 Missing encryption in the RFID tags of the Hozard alarm system (Alarmsysteem) v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state. | 6.5 |
| 2024-01-11 | CVE-2023-50127 | Improper Authentication vulnerability in Hozard Alarm System 1.0 Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to Improper Authentication. | 5.9 |
| 2024-01-11 | CVE-2023-50128 | Authentication Bypass by Capture-replay vulnerability in Hozard Alarm System 1.0 The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state. | 5.3 |