RSS   Vulnerabilities for
'Real-time location system controller'
   RSS

2014-12-19
 
CVE-2014-9408

CWE-200
 

 
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it easier for remote attackers to guess the key via a brute-force attack.

 
 
CVE-2014-2716

CWE-310
 

 
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

 

 >>> Vendor: Ekahau 4 Products
Activator
B4 staff badge tag firmware
Real-time location system controller
B4 staff badge tag


Copyright 2024, cxsecurity.com

 

Back to Top