CVE-2022-30111

EUVD-2022-35324
Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
mck_smartlock_projectmck_smartlock
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://tiger-team-1337.blogspot.com/2022/05/rf-remote-mck-lock-predictable-rolling.html
https://twitter.com/Kevin2600/status/1495007534419038213
https://www.youtube.com/watch?v=EruaGuE-cWI
https://tiger-team-1337.blogspot.com/2022/05/rf-remote-mck-lock-predictable-rolling.html
https://twitter.com/Kevin2600/status/1495007534419038213
https://www.youtube.com/watch?v=EruaGuE-cWI