Fixed Code Vulnerability in Hetronic Nova-M Remote Control

Fixed Code Vulnerability in Hetronic Nova-M Remote Control

CVE-2018-19023 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:P

Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

Learn more about our Web Application Penetration Testing UK.