{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T21:31:55.842","vulnerabilities":[{"cve":{"id":"CVE-2019-17627","sourceIdentifier":"cve@mitre.org","published":"2019-10-16T12:15:12.103","lastModified":"2026-06-17T02:24:18.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Yale Bluetooth Key application for mobile devices allows unauthorized unlock actions by sniffing Bluetooth Low Energy (BLE) traffic during one authorized unlock action, and then calculating the authentication key via simple computations on the hex digits of a valid authentication request. This affects the Yale ZEN-R lock and unspecified other locks."},{"lang":"es","value":"La aplicación Yale Bluetooth Key para dispositivos móviles, permite acciones de desbloqueo no autorizadas al detectar el tráfico Bluetooth Low Energy (BLE) durante una acción de desbloqueo autorizada, y luego calcular la clave de autenticación mediante cálculos simples en los dígitos hexadecimales de una petición de autenticación válida. Esto afecta el bloqueo Yale ZEN-R y otros bloqueos no especificados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:N/A:N","baseScore":3.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yalehome:yale_bluetooth_key:-:*:*:*:*:android:*:*","matchCriteriaId":"ACCC2199-CDA8-4D24-B09F-6BD0CF014200"}]}]}],"references":[{"url":"https://github.com/PwnMonkeyLab/YaleDoorlockVulnerability/blob/master/HowToDo.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/PwnMonkeyLab/YaleDoorlockVulnerability/blob/master/HowToDo.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}