VYPR
← All vendors
Vendor

ThroughTek

Products
3
CVEs
4
Across products
4
Status
Private

Products

3

Recent CVEs

4
  • CVE-2023-6324May 15, 2024
    ThroughTek
    Kalay SDK
    risk 0.00cvss epss 0.01

    ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity

  • CVE-2023-6323May 15, 2024
    ThroughTek
    Kalay SDK
    risk 0.00cvss epss 0.00

    ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.

  • CVE-2021-32934May 19, 2022
    ThroughTek
    P2P SDK
    risk 0.00cvss epss 0.01

    The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC conneciton, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module) do not…

  • CVE-2021-28372Aug 17, 2021
    ThroughTek
    Kalay Platform 2.0
    risk 0.00cvss epss 0.02

    ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID). This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials…