CVE-2019-17098

Summary

Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior versions on Android. August Connect Firmware version 2.2.12 and prior versions.

Affected Software

VendorProductVersion RangeStatus
AugustSmart Lock and Connect Wi-Fi Bridge Appunspecified <= v10.11.0affected
AugustConnect Firmwareunspecified <= 2.2.12affected

Weaknesses

  • CWE-321: CWE-321 Use of Hard-coded Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

References