Security Advisory

CVE-2023-7017

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-15 17:07:28

Last updated 2025-11-04 18:22:12

Assigner certcc

State PUBLISHED

Description

Sciener locks firmware update mechanism do not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allowing an attacker to compromise the device.

← Browse all CVEs View on cve.org ↗