CVE advisoryCRITICAL
CVE-2023-24080
Chamberlain myQ iOS Rate Limiting Bypass Allows Account Takeover
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in the Chamberlain myQ application's password reset feature could allow attackers to compromise user accounts through brute-force attacks, as rate limiting is not sufficiently implemented. This could lead to unauthorized access and control of connected devices.