FB50 Smart Lock Vulnerability Disclosure (CVE-2019-13143)

Executive Summary Our security engineers found vulnerabilities in the FB50 smart lock mobile application. An information disclosure vulnerability chained together with poor token management lead to a complete transfer of ownership of the lock from the user to the attacker’s account. Product Description The lock-in question is the FB50 smart lock, manufactured by Shenzhen Dragon […]