CVE-2023-7004 Information

Description

The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device allowing for connection to a device that spoofs the MAC address of a lock which compromises the legitimate locks integrity.

Reference

https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/