漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay
Vulnerability Description
The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485 messages and replay previously observed messages. This can be used, for example, to spoof a "quit alarm" message and continuously deactivate the safe alarm.
CVSS Information
N/A
Vulnerability Type
使用捕获-重放进行的认证绕过
Vulnerability Title
Wertheim SafeController 5400 Hardware for VAULT ROOMS 授权问题漏洞
Vulnerability Description
Wertheim SafeController 5400 Hardware for VAULT ROOMS是Wertheim公司的一款控制保险库门禁系统的硬件设备。 Wertheim SafeController 5400 Hardware for VAULT ROOMS 6.11.8130.22320版本存在授权问题漏洞,该漏洞源于服务器与微控制器之间的RS-485通信缺少加密保护,可能导致攻击者嗅探RS-485消息并重放之前观察到的消息,例如伪造“quit alarm”消息并持续禁用安全警报。
CVSS Information
N/A
Vulnerability Type
N/A