Navigation
Search
|
Crickets From Chirp Systems in Smart Lock Key Leak
Monday April 15, 2024. 10:50 PM , from Slashdot
'Chirp Access improperly stores credentials within its source code, potentially exposing sensitive information to unauthorized access,' CISA's alert warned, assigning the bug a CVSS (badness) rating of 9.1 (out of a possible 10). 'Chirp Systems has not responded to requests to work with CISA to mitigate this vulnerability.' Matt Brown, the researcher CISA credits with reporting the flaw, is a senior systems development engineer at Amazon Web Services. Brown said he discovered the weakness and reported it to Chirp in March 2021, after the company that manages his apartment building started using Chirp smart locks and told everyone to install Chirp's app to get in and out of their apartments. Read more of this story at Slashdot.
https://it.slashdot.org/story/24/04/15/1826215/crickets-from-chirp-systems-in-smart-lock-key-leak?ut...
Related News |
25 sources
Current Date
May, Wed 1 - 15:12 CEST
|