Authentication Bypass Vulnerability in SimpliSafe SS3 Firmware 1.0-1.3: Unauthorized Pairing of Rogue Keypad
CVE-2019-3997 · MEDIUM Severity
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system.
Learn more about our Web Application Penetration Testing UK.