Insufficient Random Value Generation in Honeywell OneWireless

Insufficient Random Value Generation in Honeywell OneWireless

CVE-2022-43485 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1

Learn more about our Wireless Penetration Test.