Throughtek Kalay Sdk vulnerabilities
2 known vulnerabilities affecting throughtek/kalay_sdk.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-6324P3HIGHCVSS 8.8≥ 3.1.10.0, ≤ 3.1.10.16≥ 3.2.0.0, ≤ 3.3.6.1+2 more2024-05-15
CVE-2023-6324 [HIGH] CWE-457 CVE-2023-6324: ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpecte
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
nvd
CVE-2023-6323P4MEDIUMCVSS 6.5fixed in 4.3.4.22024-05-15
CVE-2023-6323 [MEDIUM] CWE-345 CVE-2023-6323: ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.
nvd