CVE-2023-26942

Vulnerability

The Yale IA-210 Alarm v1.0 uses weak encryption mechanisms for its RFID tags, making it possible for an attacker to clone a legitimate tag. The vulnerability resides in the tag's cryptographic implementation, which does not provide sufficient protection against cloning attacks. This affects all units running firmware version 1.0. [1]

Exploitation

An attacker must be in physical proximity to the original RFID tag to capture its data. Using a compatible RFID reader, the attacker can intercept the tag's communication and extract the necessary information to create a cloned tag. No authentication or special privileges are required beyond physical access to the tag. [1]

Impact

Successful exploitation allows the attacker to create a cloned RFID tag that can be used to disarm or interact with the Yale IA-210 Alarm system as if it were the original authorized tag. This compromises the integrity of the access control system and could lead to unauthorized entry or alarm deactivation. [1]

Mitigation

As of the publication date, no official patch or firmware update has been released to address this vulnerability. The vendor has acknowledged the issue following responsible disclosure. Users should monitor for updates from Yale and consider physical security measures to protect RFID tags from unauthorized scanning. [1]