SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occur.
Vector
LOCAL
Complexity
MEDIUM
Authentication
NONE
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE
Advisory | Patch | Confirmed | Link |
---|---|---|---|
https://www.simpleorsecure.net/simplisafe-security-advis... | |||
https://simplisafe.com/files/pdf/SimpliSafe_advisory_8-1... |
Cleartext Transmission of Sensitive Information (ID 319)
Related CAPEC 5
Session Sidejacking (CAPEC-ID 102)
Footprinting (CAPEC-ID 169)
Harvesting Usernames or UserIDs via Application API Event Monitoring (CAPEC-ID 383)
Signature Spoofing by Mixing Signed and Unsigned Content (CAPEC-ID 477)
Passively Sniff and Capture Application Code Bound for Authorized Client (CAPEC-ID 65)