The TTLock App does not employ proper verification...
Moderate severity
Unreviewed
Published
Mar 15, 2024
to the GitHub Advisory Database
•
Updated Aug 26, 2024
Description
Published by the National Vulnerability Database
Mar 15, 2024
Published to the GitHub Advisory Database
Mar 15, 2024
Last updated
Aug 26, 2024
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity.
References