The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 allows replay attacks.
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Link | Tags |
---|---|
https://tapplock.com/notice/20180612/ | vendor advisory |
https://www.pentestpartners.com/security-blog/totally-pwning-the-tapplock-smart-lock/ | third party advisory exploit |