Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-294,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hetronic | mlc_firmware | * |
| hetronic | dc_mobile_firmware | * |
| hetronic | nova-m_firmware | * |
| hetronic | bms-hl_firmware | * |
| hetronic | es-can-hl_firmware | * |