Vulnerability Details : CVE-2017-17436
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and "Data transmissions are secure via AES256 bit encryption." These claims, however, are not true. Moreover, AES256 bit encryption is not supported in the Bluetooth Low Energy (BLE) standard, so it would have to be at the application level. This lack of encryption allows an individual to learn the passcode by eavesdropping on the communications between the application and the safe.
Products affected by CVE-2017-17436
- cpe:2.3:o:vaulteksafe:vt20i_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-17436
0.03%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-17436
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
3.3
|
LOW | AV:A/AC:L/Au:N/C:P/I:N/A:N |
6.5
|
2.9
|
NIST | |
|
8.8
|
HIGH | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-17436
-
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-17436
-
https://www.twosixlabs.com/bluesteal-popping-gatt-safes/
BlueSteal: Popping GATT Safes - Two Six Labs | Advanced Analytics, Cyber Capabilities, Tactical Mobility Solutions for National SecurityThird Party Advisory
-
https://vaulteksafe.com/index.php/cve-2017-17435/
VAULTEK® VT20i SECURITY UPDATE 2 – Vaultek SafeMitigation;Vendor Advisory
Jump to