CVE-2023-6998

7.7 HIGH

📋 TL;DR

This vulnerability allows attackers to bypass the lockscreen on eWeLink mobile apps, potentially accessing the application without proper authentication. It affects Android and iOS users running eWeLink versions before 5.2.0. The issue stems from improper privilege management in the application's security controls.

💻 Affected Systems

Products:
  • CoolKit Technology eWeLink
Versions: All versions before 5.2.0
Operating Systems: Android, iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the mobile applications, not the web interface or backend systems. Requires the lockscreen feature to be enabled in the app.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with physical access to a device could bypass the lockscreen and gain unauthorized access to the eWeLink app, potentially controlling connected smart home devices, viewing sensitive information, or modifying device settings.

🟠 Likely Case

Local attackers or users with brief physical access to a device could bypass the lockscreen to access the eWeLink application without authorization, compromising smart home device control and user privacy.

🟢 If Mitigated

With physical security controls on the device and updated software, access to the app is limited to authorized users and normal application functionality is maintained.

🌐 Internet-Facing: LOW - This is primarily a local attack requiring physical access to the mobile device, not exploitable over the internet.
🏢 Internal Only: MEDIUM - Within environments where devices are shared or physical security is lax, this could allow unauthorized access to smart home controls.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires physical access to the mobile device. The specific bypass method is not publicly documented but is described as a lockscreen bypass vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.2.0 and later

Vendor Advisory: https://ewelink.cc/app/

Restart Required: No

Instructions:

1. Open Google Play Store (Android) or App Store (iOS).
2. Search for 'eWeLink'.
3. If an update is available, tap 'Update'.
4. Ensure version is 5.2.0 or higher.

🔧 Temporary Workarounds

Disable App Lockscreen

all

Temporarily disable the lockscreen feature in the eWeLink app settings to remove the vulnerable component.

Enable Device-Level Security

all

Use the device-level lockscreen/passcode instead of the app-level lockscreen for protection.

🧯 If You Can't Patch

  • Disable the eWeLink app lockscreen feature in settings
  • Implement strict physical security controls for mobile devices

🔍 How to Verify

Check if Vulnerable:

Check eWeLink app version in app settings or device app store. If version is below 5.2.0, the device is vulnerable.

Check Version:

Open eWeLink app → Settings → About → Check version number

Verify Fix Applied:

Confirm eWeLink app version is 5.2.0 or higher in app settings or device app store.
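
The version check above can be scripted for Android devices reachable over adb. This is an added example, not part of the vendor advisory: the package name `com.coolkit` is an assumption, the `dumpsys` sample is constructed, and the function names are hypothetical. It compares versions component by component so that a release such as 5.10.1 is not mistaken for one older than 5.2.0.

```shell
#!/bin/sh
# Added example: flag eWeLink installs older than the fixed release (5.2.0).
FIXED_VERSION="5.2.0"

# version_lt A B: succeeds when dotted version A is numerically lower than B.
# A plain string comparison would wrongly rank 5.10.0 below 5.2.0.
version_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}   # drop suffixes such as "-beta"
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1   # versions are equal
}

# app_version: read `dumpsys package <pkg>` output on stdin, print versionName.
app_version() {
    sed -n 's/^[[:space:]]*versionName=\([^[:space:]]*\).*/\1/p' | head -n 1
}

# classify: print VULNERABLE, PATCHED or UNKNOWN for dumpsys output on stdin.
classify() {
    v=$(app_version)
    if [ -z "$v" ]; then
        echo "UNKNOWN"                       # app not installed or no version
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo "VULNERABLE $v"
    else
        echo "PATCHED $v"
    fi
}

# Constructed sample of dumpsys output (not captured from a real device).
SAMPLE='Packages:
  Package [com.coolkit] (1a2b3c):
    versionCode=510 minSdk=23 targetSdk=33
    versionName=5.1.0
    firstInstallTime=2023-01-01 00:00:00'

# On a connected device (package name com.coolkit is an assumption):
#   adb shell dumpsys package com.coolkit | classify
printf '%s\n' "$SAMPLE" | classify
```

A VULNERABLE result only reflects the installed version; per the notes above, the issue also requires the in-app lockscreen feature to be enabled.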

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed lockscreen attempts followed by successful access
  • Unusual access patterns to smart home devices

Network Indicators:

  • Unusual device control commands from previously locked devices

SIEM Query:

Not applicable - this is a local mobile app vulnerability without network exploitation
