ID

VAR-201712-0299


CVE

CVE-2017-17435


TITLE

Vaultek Gun Safe VT20i Software authentication vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2017-011231

DESCRIPTION

An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request, the safe does not check the PIN code, so an attacker can obtain authorization using any value. Once an attacker sees the Bluetooth Low Energy (BLE) advertisement for the safe, they need only to write a BLE characteristic to enable notifications, and send a crafted getAuthor packet that returns a temporary key, and an unlock packet including that temporary key. The safe then opens after the unlock packet is processed, with no verification of PIN or other credentials. Vaultek Gun Safe VT20i software contains authentication vulnerabilities. Information may be obtained or altered, and service operation may be disrupted (DoS). A security vulnerability exists in the Vaultek Gun Safe VT20i.

Trust: 1.8

sources: NVD: CVE-2017-17435 // JVNDB: JVNDB-2017-011231 // VULHUB: VHN-108457 // VULHUB: VHN-108458

IOT TAXONOMY

category: ['industrial device'] | sub_category: smart safe

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor: vaulteksafe | model: vt20i | scope: eq | version: -

Trust: 1.6

vendor: vaultek safe | model: vt20i | scope: - | version: -

Trust: 0.8

sources: JVNDB: JVNDB-2017-011231 // CNNVD: CNNVD-201712-154 // NVD: CVE-2017-17435

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-17435
value: HIGH

Trust: 1.0

NVD: CVE-2017-17435
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201712-154
value: HIGH

Trust: 0.6

VULHUB: VHN-108457
value: HIGH

Trust: 0.1

VULHUB: VHN-108458
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2017-17435
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-108457
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

VULHUB: VHN-108458
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-17435
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-108457 // VULHUB: VHN-108458 // JVNDB: JVNDB-2017-011231 // CNNVD: CNNVD-201712-154 // NVD: CVE-2017-17435

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

problemtype:CWE-326

Trust: 0.1

sources: VULHUB: VHN-108457 // VULHUB: VHN-108458 // JVNDB: JVNDB-2017-011231 // NVD: CVE-2017-17435

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201712-154

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201712-154

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-011231

PATCH

title: Vaultek VT20i: Security Vulnerability (CVE-2017-17435) | url: https://vaulteksafe.com/cve-2017-17435/

Trust: 0.8

sources: JVNDB: JVNDB-2017-011231

EXTERNAL IDS

db: NVD | id: CVE-2017-17435

Trust: 2.7

db: JVNDB | id: JVNDB-2017-011231

Trust: 0.8

db: CNNVD | id: CNNVD-201712-154

Trust: 0.7

db: OTHER | id: NONE

Trust: 0.1

db: VULHUB | id: VHN-108457

Trust: 0.1

db: CNNVD | id: CNNVD-201712-153

Trust: 0.1

db: VULHUB | id: VHN-108458

Trust: 0.1

sources: OTHER: None // VULHUB: VHN-108457 // VULHUB: VHN-108458 // JVNDB: JVNDB-2017-011231 // CNNVD: CNNVD-201712-154 // NVD: CVE-2017-17435

REFERENCES

url:https://www.twosixlabs.com/bluesteal-popping-gatt-safes/

Trust: 2.6

url:https://vaulteksafe.com/index.php/cve-2017-17435/

Trust: 1.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17435

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-17435

Trust: 0.8

url:https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

sources: OTHER: None // VULHUB: VHN-108457 // VULHUB: VHN-108458 // JVNDB: JVNDB-2017-011231 // CNNVD: CNNVD-201712-154 // NVD: CVE-2017-17435

SOURCES

db: OTHER | id: -
db: VULHUB | id: VHN-108457
db: VULHUB | id: VHN-108458
db: JVNDB | id: JVNDB-2017-011231
db: CNNVD | id: CNNVD-201712-154
db: NVD | id: CVE-2017-17435

LAST UPDATE DATE

2025-04-20T22:55:57.986000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-108457 | date: 2017-12-22T00:00:00
db: VULHUB | id: VHN-108458 | date: 2017-12-22T00:00:00
db: JVNDB | id: JVNDB-2017-011231 | date: 2018-01-11T00:00:00
db: CNNVD | id: CNNVD-201712-154 | date: 2017-12-07T00:00:00
db: NVD | id: CVE-2017-17435 | date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: VULHUB | id: VHN-108457 | date: 2017-12-07T00:00:00
db: VULHUB | id: VHN-108458 | date: 2017-12-07T00:00:00
db: JVNDB | id: JVNDB-2017-011231 | date: 2018-01-11T00:00:00
db: CNNVD | id: CNNVD-201712-154 | date: 2017-12-07T00:00:00
db: NVD | id: CVE-2017-17435 | date: 2017-12-07T00:29:00.223