CVE-2023-7007 Information

Description

Sciener server does not validate connection requests from the GatewayG2 allowing an impersonation attack that provides the attacker the unlockKey field.

Reference

https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/