CVE-2023-46892

HIGH

Meross MSH30Q <4.5.23 - Replay Attack

Title source: llm

Description

The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature).

References (1)

[Third Party Advisory] https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219

Scores

CVSS v3 8.8

EPSS 0.0004

EPSS Percentile 12.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-294

Status published

Affected Products (1)

meross/msh30q_firmware

Timeline

Published Jan 23, 2024

Tracked Since Feb 18, 2026