Six vulnerabilities exist in the Hickory Smart Bluetooth Enabled Deadbolt, manufactured by Hickory Hardware, which enables users to remotely lock their homes via a mobile app on their Android or iPhone handset. The manufacturer behind the smart lock has deployed patches to the affected apps on the Google Play Store and Apple App Store. The vulnerabilities are medium severity as some level of access to an already compromised mobile device is required for exploitation. But once an attacker accesses a victim s phone, they can easily exploit the flaws to remotely unlock the deadlock from the mobile app.
Source: https://threatpost.com/unpatched-flaws-in-iot-smart-deadbolt-open-homes-to-danger/146871/