Description
Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior versions on Android. August Connect Firmware version 2.2.12 and prior versions.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://labs.bitdefender.com/2020/08/smart-locks-not-so-smart-with-wi-fi-security/
Scores
CVSS v3
3.5
EPSS
0.0048
EPSS Percentile
37.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-321
CWE-798
Status
published
Products (2)
august/august_home
< 10.11.0
august/connect_wi-fi_bridge_firmware
< 2.2.12
Published
Sep 30, 2020
Tracked Since
Feb 18, 2026