The details below discuss the vulnerabilities found in the following devices:
- Kerui W18 Alarm (firmware v1.0) – CVE-2023-31759
- Blitzwolf BW-IS22 Smart Home Security Alarm (firmware v1.0) – CVE-2023-31761
- Digoo DG-HAMB Smart Home Security System (firmware v1.0) – CVE-2023-31762
- AGSHome Smart Alarm (firmware v1.0) – CVE-2023-31763
All of the devices above demonstrate the same security weakness. An attacker can use a software-defined radio to capture commands sent to the alarm from the remote keyfob. As no rolling code is implemented, it is a simple matter to play back the code and gain full access to the alarm’s functions. As an example, see the following image, comparing subsequent keypresses of the AGSHome Alarm keyfob:
As of 13th May, 2023, none of the devices has been issued with a fix for this issue. Given that this is a vulnerability with the device hardware, we do not believe that this can be rectified with software updates.