Login Sign Up

CVE-2023-31762

7.5 HIGH
Authentication Bypass

📋 TL;DR

CVE-2023-31762 is a code replay vulnerability in the Digoo DG-HAMB Smart Home Security System transmitter that allows attackers to capture and replay wireless signals to gain full system access. This affects all users of Digoo DG-HAMB Smart Home Security System v1.0 who haven't applied security updates. Attackers can disarm alarms, bypass security controls, and take over the entire smart home security system.

💻 Affected Systems

Products:
  • Digoo DG-HAMB Smart Home Security System
Versions: v1.0
Operating Systems: Embedded system firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running v1.0 firmware are vulnerable. The vulnerability is in the wireless transmitter/receiver protocol implementation.

📦 What is this software?

Dg Hamb Firmware by Mydigoo

View all CVEs affecting Dg Hamb Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain complete control of the security system, disarm alarms, disable sensors, and potentially use the system as an entry point to other connected smart home devices.

🟠

Likely Case

Attackers disarm the security system to facilitate physical intrusion or theft while alarms remain silent.

🟢

If Mitigated

With proper network segmentation and monitoring, impact is limited to the security system itself, though attackers could still disarm alarms.

🌐 Internet-Facing: LOW (The vulnerability requires proximity to capture wireless signals, not internet connectivity)
🏢 Internal Only: HIGH (Attackers within wireless range can exploit this without authentication)

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Attack requires wireless signal capture equipment (like SDR devices) but the replay attack itself is straightforward once signals are captured.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch available. Contact Digoo support for firmware update information or consider replacing the device.

🔧 Temporary Workarounds

Physical Security Enhancement

all

Implement additional physical security measures since the wireless protocol cannot be easily secured

Network Segmentation

all

Isolate the security system from other smart home devices to prevent lateral movement

🧯 If You Can't Patch

  • Replace the Digoo DG-HAMB system with a different security system that uses encrypted wireless protocols
  • Implement secondary security measures (cameras, motion sensors) that operate independently of the vulnerable system

🔍 How to Verify

Check if Vulnerable:

Check device firmware version in system settings. If version is v1.0, the device is vulnerable.

Check Version:

Check through device's system menu or mobile app for firmware version information

Verify Fix Applied:

No fix available to verify. Consider testing with wireless signal analyzer to check if signals can be replayed.

📡 Detection & Monitoring

Log Indicators:

  • Multiple disarm commands in rapid succession
  • Unusual time-of-day disarm events
  • System state changes without user interaction

Network Indicators:

  • Wireless signal capture devices detected in proximity
  • Unusual RF activity at 433MHz frequency

SIEM Query:

No standard SIEM query available as this is a physical/wireless attack

📊 Metadata

CVE ID: CVE-2023-31762
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-294
Published: May 24, 2023
Last Updated: January 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-31762, you might also want to check these:

CVE-2025-49752 10.0

CVE-2025-49752 is an elevation of privilege vulnerability in Azure Bastion that allows authenticated...

Same vulnerability type (CWE-294)
CVE-2022-29334 9.8

CVE-2022-29334 is an authentication bypass vulnerability in H v1.0 that allows attackers to gain una...

Same vulnerability type (CWE-294)
CVE-2018-17932 9.8

CVE-2018-17932 affects JUUKO K-800 industrial control devices, allowing attackers to replay commands...

Same vulnerability type (CWE-294)