Primary

Context

Be-Tech Mifare Classic Cards Cleartext Data Storage Vulnerability Allowing Master Key Creation

Vulnerability

A vulnerability exists in Be-Tech Mifare Classic cards, where data is stored in cleartext. This allows an attacker with access to a hotel guest card to create a master key card that can unlock all the locks in the building. The issue affects all Be-Tech Mifare Classic card systems.

Impact

Exploitation of this vulnerability allows for the creation of a master key card that unlocks all locks in a building, potentially leading to unauthorized access to guest rooms and other secured areas.

Remediation

To address this vulnerability, it is necessary to replace the software, encoder, cards, and PCBs in the locks.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

4.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

4.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Be-Tech Mifare Classic Cards Cleartext Data Storage Vulnerability Allowing Master Key Creation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating