VYPR

Original

by SimpliSafe

CVEs (7)

  • CVE-2018-11402MedMay 24, 2018
    risk 0.43cvss 6.6epss 0.00

    SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate attackers to discover the PIN.

  • CVE-2018-11401MedMay 24, 2018
    risk 0.30cvss 4.6epss 0.00

    In SimpliSafe Original, RF Interference (e.g., an extremely strong 433.92 MHz signal) by a physically proximate attacker does not cause a notification.

  • CVE-2018-11400MedMay 24, 2018
    risk 0.30cvss 4.6epss 0.00

    In SimpliSafe Original, the Base Station fails to detect tamper attempts: it does not send a notification if a physically proximate attacker removes the battery and external power.

  • CVE-2018-11399MedMay 24, 2018
    risk 0.28cvss 4.3epss 0.00

    SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occur.

  • CVE-2020-5727May 2, 2020
    risk 0.00cvss epss 0.00

    Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system.

  • CVE-2019-3998Feb 13, 2020
    risk 0.00cvss epss 0.00

    Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to modify the Wi-Fi network the base station connects to.

  • CVE-2019-3997Jan 16, 2020
    risk 0.00cvss epss 0.00

    Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system.