CVE-2026-54317— Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-54317
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN
Source: NVD (National Vulnerability Database)
Vulnerability Description
Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant/components/konnected/__init__.py), that is marked as not requiring authentication (requires_auth = False). A comment next to that line says auth is instead handled "via the access token from configuration." That promise is only half true. Write requests (POST and PUT) are handled by update_sensor(), which does check the request's Authorization: Bearer <token> header against the integration's stored access tokens (using hmac.compare_digest). Read requests (GET) are handled by a separate get() method that has no authentication check at all. This vulnerability is fixed in 2026.6.0.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| home-assistant | core | < 2026.6.0 | - |
II. Public POCs for CVE-2026-54317
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-54317
请登录查看更多情报信息。
Other References for CVE-2026-54317 (1)
IV. Related Vulnerabilities
Same product: core
- CVE-2026-54318
Home Assistant: Exported BroadcastReceiver allows local apps - CVE-2024-14036
Dräger Core 1.0.5 Denial of Service via Malformed SDC Messag - CVE-2026-44698
Home Assistant: Cross-origin iframe access token exfiltratio - CVE-2026-44473
Ella Core: UE Downlink Redirection via Forged PDUSessionReso - CVE-2026-44475
Ella Core: UE Security Capability bypass on NGAP PathSwitchR
Same vendor: home-assistant
- CVE-2026-54318
Home Assistant: Exported BroadcastReceiver allows local apps - CVE-2026-44698
Home Assistant: Cross-origin iframe access token exfiltratio - CVE-2021-47942
Home Assistant Community Store 1.10.0 Path Traversal Account - CVE-2026-34205
Home Assistant: Unauthenticated App (Add-on) Endpoints Expos - CVE-2026-33045
Home Assistant has stored XSS in history-graphs
Same weakness: CWE-200
- CVE-2026-57231
Podman: Malformed Image can trick podman run into leaking ho - CVE-2026-55180
pnpm: Repository config can expand victim environment secret - CVE-2026-50017
pnpm binds unscoped user-level npm auth credentials to a rep - CVE-2026-52815
Gogs: Unauthenticated Organization Teams Information Disclos - CVE-2026-53949
Ghost Content API filter bypass reveals private fields
V. Comments for CVE-2026-54317
No comments yet