CVE-2022-46480, CVE-2023-26941, CVE-2023-26942, CVE-2023-26943
Introduction The following technical report provides background information relating to four CVEs found in the following products: Ultraloq UL3 BT (2nd Generation) (Firmware 02.27.0012) – CVE-2022-46480 Yale Conexis L1 Smart Lock (Firmware v1.1.0) – CVE-2023-26941 Yale IA-210 Intruder Alarm (Firmware v1.0) – CVE-2023-26942 Yale Keyless Smart Lock (Firmware v1.0) – CVE-2023-26943 The work discussed here was carried out by Ash Allen, Dr. Alexios Mylonas, and Dr. Stilianos Vidalis as part of a wider research project into smart device security. Responsible…