Bluetooth LE Stack Vulnerability in Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012: Unauthorized Access via Session Management and Credential Re-use
CVE-2022-46480 · HIGH Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range.
Learn more about our Web Application Penetration Testing UK.