The TTLock app does not properly verify that it is connected to a real lock

Aleph Research Advisory

Identifier

CVE-2023-7004

Severity

Moderate

Product

Sciener Smart Locks

Technical Details

The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device. This can be utilized by a threat actor who introduces a device that spoofs the MAC address of the lock, allowing for further exploits, such as compromising the unlockKey value.

Timeline

07-Mar-24
: Public disclosure.
21-Dec-23
: CVE-2023-7004 assigned.
29-Oct-23
: Reported.

Posts

Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 2: discovered vulnerabilities)
By Lev Aronsky & Idan Strovinsky & Tomer Telem,
07-Mar 2024
Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 1: functional analysis)
By Lev Aronsky & Idan Strovinsky & Tomer Telem,
20-Feb 2024

Credit

Lev Aronsky (@levaronsky) of Aleph Research, HCL Technologies
Idan Strovinsky of Aleph Research, HCL Technologies
Tomer Telem of Aleph Research, HCL Technologies