Weak Password Requirements and Excessive Authentication Attempts Vulnerability in OKLOK Mobile Companion App for Fingerprint Bluetooth Padlock FB50

Weak Password Requirements and Excessive Authentication Attempts Vulnerability in OKLOK Mobile Companion App for Fingerprint Bluetooth Padlock FB50

CVE-2020-8790 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack.

Learn more about our Cis Benchmark Audit For Print Devices.