CVE-2021-20107

moderate-risk
Published 2021-06-30

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low Energy (BLE) connectivity to read and write to many BLE characteristics on the device. Some of these control the flow of water, the sensitivity of the sensors, and information about maintenance.

Do I need to act?

- 0.07% chance of exploitation (EPSS score: low exploit probability)
- Not on CISA KEV list: no confirmed active exploitation reported to CISA
- Patch status unknown: check vendor advisories for fix availability and mitigation guidance
- CVSS 5.4/10 Medium (attack vector ADJACENT_NETWORK, LOW attack complexity)

Affected Products (20)

Optima Eaf-100 Firmware
Optima Eaf-150 Firmware
Optima Eaf-200 Firmware
Optima Eaf-225 Firmware
Optima Eaf-250 Firmware
Optima Eaf-275 Firmware
Optima Eaf-350 Firmware
Optima Eaf-700 Firmware
Optima Eaf-750 Firmware
Optima Ebf-187 Firmware
Optima Ebf-415 Firmware
Optima Ebf-425 Firmware
Optima Ebf-550 Firmware
Optima Ebf-615 Firmware
Optima Ebf-650 Firmware
Optima Ebf-665 Firmware
Optima Ebf-750 Firmware
Optima Ebf-775 Firmware
Optima Ebf-85 Firmware
Optima Ebf-850 Firmware

Affected Vendors

Sloan

Risk score: 46 / 100 (moderate-risk)

- Severity 18/34 · Moderate
- Exploitability 0/34 · Minimal
- Exposure 28/34 · Critical