Key Management Errors

CVE-2014-2361

High

7.2/10

Summary

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

CWE-320 - Key Management Errors

Weaknesses in this category are related to errors in the management of cryptographic keys.

References

Advisory Timeline

Published Jul 24, 2014

Key Management Errors

CVE-2014-2361

Summary

CWE-320 - Key Management Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS