CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2361

HIGH
7.2
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile31.72th
PublishedJul 24, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

Affected Platforms (CPE)

πŸ”Œ
Oleumtech

Sensor Wireless I\/o Module

All versions
πŸ”Œ
Oleumtech

Wio Dh2 Wireless Gateway

All versions

References & Advisories

πŸ”— http://support.oleumtech.com/
πŸ”— http://www.securityfocus.com/bid/68797
πŸ”— https://www.cisa.gov/news-events/ics-advisories/icsa-14-202-01a
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01
πŸ”— http://www.securityfocus.com/bid/68795

Related Vulnerabilities

CVE-2021-272899.1

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix (Zigbee Gateway Module = v1.0.3, Door...

CVE-2014-23627.8

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation,...

CVE-2014-23605.0

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets th...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...