Technical Report relating to CVE-2022-46480, CVE-2023-26941, CVE-2023-26942, and CVE-2023-26943

The following technical report provides background information relating to four CVEs found in the following products: Ultraloq UL3 BT (CVE-2022-46480); Yale Conexis L1 Smart Lock (CVE-2023-26941); Yale IA-210 Intruder Alarm (CVE-2023-26942); Yale Keyless Smart Lock (CVE-2023-26943). The work discussed here was carried out by Ash Allen, Dr. Alexios Mylonas, and Dr. Stilianos Vidalis as part of a wider research project into smart device security. Responsible disclosure of all four issues has been made with the appropriate vendors, and they have been acknowledged as vulnerabilities.