CVE-2014-2361

Summary

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

Affected Software

VendorProductVersion RangeStatus
OleumTechWIO DH2 Wireless GatewayAll versionsaffected
OleumTechSensor Wireless I/O ModulesAll versionsaffected

Weaknesses

  • CWE-320: CWE-320

ADP Enrichment

CVE Program Container

Additional References

References