Authentication Bypass Vulnerability in SimpliSafe SS3 Firmware 1.0-1.3: Unauthorized Pairing of Rogue Keypad

Authentication Bypass Vulnerability in SimpliSafe SS3 Firmware 1.0-1.3: Unauthorized Pairing of Rogue Keypad

CVE-2019-3997 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system.

Learn more about our Web Application Penetration Testing UK.