Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and "Data transmissions are secure via AES256 bit encryption." These claims, however, are not true. Moreover, AES256 bit encryption is not supported in the Bluetooth Low Energy (BLE) standard, so it would have to be at the application level. This lack of encryption allows an individual to learn the passcode by eavesdropping on the communications between the application and the safe.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vaultek Gun Safe VT20i 安全漏洞
Vulnerability Description
Vaultek Gun Safe VT20i(又名BlueSteal)是一款支持指纹识别的枪支保险箱产品。 Vaultek Gun Safe VT20i中存在安全漏洞,该漏洞源于程序没有加密Android应用程序与保险箱之间的会话。攻击者可通过窃听应用程序和保险箱之间的通信利用该漏洞获取密码。
CVSS Information
N/A
Vulnerability Type
N/A