{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T15:50:29.396","vulnerabilities":[{"cve":{"id":"CVE-2024-2197","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2024-03-20T01:15:11.823","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable cannot be used to change the configuration settings of the door readers or locksets and does not affect the ability for authorized users of the mobile application to lock or unlock access points."},{"lang":"es","value":"La aplicación Chirp Access contiene una contraseña codificada, BEACON_PASSWORD. Un atacante dentro del alcance de Bluetooth podría cambiar los ajustes de configuración dentro de la baliza Bluetooth, deshabilitando efectivamente la capacidad de la aplicación para notificar a los usuarios cuando están cerca de un punto de acceso habilitado para Beacon. Esta variable no se puede utilizar para cambiar los ajustes de configuración de los lectores de puertas o cerraduras y no afecta la capacidad de los usuarios autorizados de la aplicación móvil para bloquear o desbloquear puntos de acceso."}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-259"}]}],"references":[{"url":"https://statement.chirpsystems.com/chirp-systems-icsa-24-067-01-response.html","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-067-01","source":"ics-cert@hq.dhs.gov"},{"url":"https://statement.chirpsystems.com/chirp-systems-icsa-24-067-01-response.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-067-01","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}