{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-46892","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-06-17T16:12:41.604Z","dateReserved":"2023-10-30T00:00:00.000Z","datePublished":"2024-01-23T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-01-23T20:14:50.304Z"},"descriptions":[{"lang":"en","value":"The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature)."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T20:53:21.944Z"},"title":"CVE Program Container","references":[{"url":"https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-294","lang":"en","description":"CWE-294 Authentication Bypass by Capture-replay"}]}],"affected":[{"vendor":"meross","product":"msh30q","cpes":["cpe:2.3:h:meross:msh30q:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.23","status":"affected"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.8,"attackVector":"ADJACENT_NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-08-27T15:25:00.657667Z","id":"CVE-2023-46892","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-17T16:12:41.604Z"}}]}}