CVE-2023-1750 Information

Description

The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could retrieve device history set device settings and retrieve device information.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01