CVE-2023-1752 – This vulnerability in Nexx Smart Home devices a... (How to Fix)

Q: What is the severity of CVE-2023-1752?

CVE-2023-1752 has a CVSS score of 8.1 (HIGH). This vulnerability in Nexx Smart Home devices allows any user to register an already registered alarm or associated device using only the device's MAC address. This affects users of vulnerable Nexx Smart Home products, potentially allowing unauthorized access and control of smart home security systems.

📋 TL;DR

This vulnerability in Nexx Smart Home devices allows any user to register an already registered alarm or associated device using only the device's MAC address. This affects users of vulnerable Nexx Smart Home products, potentially allowing unauthorized access and control of smart home security systems.

💻 Affected Systems

Products:

Nexx Smart Home devices (specific models not detailed in advisory)

Versions: Not specified in advisory, but multiple versions affected

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Devices must be connected to the Nexx cloud service to be vulnerable. Physical access not required.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could take full control of smart home security systems, disarm alarms, lock/unlock doors, and access surveillance systems, potentially enabling physical intrusion or theft.

🟠

Likely Case

Unauthorized users registering devices to their own accounts, gaining control over alarms, garage doors, or other connected smart home devices.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to isolated smart home networks without affecting critical systems.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires only MAC address knowledge, which could be obtained through network scanning or other means.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in advisory

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01

Restart Required: Yes

Instructions:

1. Check Nexx device firmware version. 2. Update to latest firmware via Nexx mobile app. 3. Restart device after update. 4. Verify device registration is secure.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate smart home devices on separate VLAN or network segment

Disable Cloud Connectivity

all

Use devices in local-only mode if supported

🧯 If You Can't Patch

Disconnect vulnerable devices from internet entirely
Replace vulnerable devices with patched or alternative products

🔍 How to Verify

Check if Vulnerable:

Check if device allows registration with only MAC address via Nexx app or API

Check Version:

Check firmware version in Nexx mobile app device settings

Verify Fix Applied:

Attempt to register device with only MAC address - should fail after patch

📡 Detection & Monitoring

Log Indicators:

Multiple device registration attempts
Registration from unexpected IP addresses
MAC address reuse alerts

Network Indicators:

Unusual API calls to Nexx cloud services
Multiple registration requests for same device

SIEM Query:

source="nexx-cloud" AND (event="device_register" OR event="registration_attempt") AND count by device_mac > 1

📊 Metadata

CVE ID: CVE-2023-1752

CVSS v3 Score: 8.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE: CWE-287

Published: April 4, 2023

Last Updated: November 21, 2024

🔗 References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01 Third Party Advisory,US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-094-01 Third Party Advisory,US Government Resource

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-1752, you might also want to check these: