CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-2361

HIGH
7.2
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile31.72th
Published2014年7月24日
Last Modified2026年5月6日

Vulnerability Description

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

Affected Platforms (CPE)

🔌
Oleumtech

Sensor Wireless I\/o Module

All versions
🔌
Oleumtech

Wio Dh2 Wireless Gateway

All versions

References & Advisories

🔗 http://support.oleumtech.com/
🔗 http://www.securityfocus.com/bid/68797
🔗 https://www.cisa.gov/news-events/ics-advisories/icsa-14-202-01a
🔗 http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01
🔗 http://www.securityfocus.com/bid/68795

関連する脆弱性情報

CVE-2021-272899.1

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix (Zigbee Gateway Module = v1.0.3, Door...

CVE-2014-23627.8

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation,...

CVE-2014-23605.0

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets th...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...