This page aggregates publicly disclosed CVE and security risk information related to hozard, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-50128 | The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state. | [email protected] | 5.3 | 0.02% | 2024-01-11 | 2025-06-20 |
| CVE-2023-50127 | Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to Improper Authentication. Commands sent via the SMS functionality are accepted from random phone numbers, which allows an attacker to bring the alarm system to a disarmed state from any given phone number. | [email protected] | 5.9 | 0.14% | 2024-01-11 | 2025-06-20 |
| CVE-2023-50126 | Missing encryption in the RFID tags of the Hozard alarm system (Alarmsysteem) v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state. | [email protected] | 6.5 | 0.04% | 2024-01-11 | 2025-06-03 |
| CVE-2023-50125 | A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker to bring the alarm system to a disarmed state. | [email protected] | 5.9 | 0.20% | 2024-01-11 | 2025-06-20 |
| CVE-2023-50123 | The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state. | [email protected] | 8.1 | 0.21% | 2024-01-11 | 2025-06-20 |