What the vulnerability does

01Description

Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

Key dates

02Disclosure timeline

January 25, 2019 CVE published
September 16, 2024 Record updated