Security Advisory
CVE-2021-27953
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to cause a denial of service, forcing the device to reboot via a crafted HTTP request.