CVE-2020-9462

An issue was discovered in all Athom Homey and Homey Pro devices up to the current version 4.2.0. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup. Upon success, the attacker is able to further infiltrate the target's Wi-Fi networks.
References
Link Resource
https://developer.athom.com/firmware Release Notes Vendor Advisory
Configurations

Configuration 1


Information

Published : 2020-06-04 04:15

Updated : 2020-06-10 01:58


NVD link : CVE-2020-9462

Mitre link : CVE-2020-9462

Products Affected
No products.
CWE
CWE-312

Cleartext Storage of Sensitive Information