CVE-2015-5729

The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.
References
Link Resource
http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.html Exploit Technical Description Third Party Advisory
http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.html Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2015/Dec/79 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/79675 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034503 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034504 Third Party Advisory VDB Entry
http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.html Exploit Technical Description Third Party Advisory
http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.html Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2015/Dec/79 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/79675 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034503 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034504 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:nt14u_firmware:t-nt14uakucb-1008.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:nt14u_us:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x14j_us:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:x14h_firmware:t-mst14dcncb-1010.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x14h_cn:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:x12_firmware:t-mst12akucb-1114.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x12_us:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:samsung:x10p_firmware:t-mst10pibrcb-1104.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x10p_ibr:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:samsung:nt14u_firmware:t-nt14udeucb-1007.1:*:*:*:*:*:*:*
cpe:2.3:h:samsung:nt14u_eu:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:samsung:nt14u_firmware:t-nt14udcncb-1003.1:*:*:*:*:*:*:*
cpe:2.3:h:samsung:nt14u_cn:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:samsung:x14j_firmware:t-ms14jdeucb-1018.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x14j_eu:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:samsung:x14j_firmware:t-ms14jdcncb-1004.2:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x14j_cn:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:samsung:x14h_firmware:t-mst14akucb-1100.4:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x14h_us:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:samsung:x14h_firmware:t-mst14deucb-1023.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x14h_eu:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:samsung:x12_firmware:t-mst12deucb-1111.4:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x12_eu:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:samsung:x10p_firmware:t-mst10pauscp-1302.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x10p_us:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:samsung:x10p_firmware:t-mst10pdeucb-1210.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:x10p_eu:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:samsung:m288ofw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:m288ofw:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:33

Type Values Removed Values Added
References () http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.html - Exploit, Technical Description, Third Party Advisory () http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.html - Exploit, Technical Description, Third Party Advisory
References () http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.html - Exploit, Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2015/Dec/79 - Third Party Advisory, VDB Entry () http://seclists.org/fulldisclosure/2015/Dec/79 - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/79675 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/79675 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1034503 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1034503 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1034504 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1034504 - Third Party Advisory, VDB Entry

Information

Published : 2017-03-23 20:59

Updated : 2024-11-21 02:33


NVD link : CVE-2015-5729

Mitre link : CVE-2015-5729

CVE.ORG link : CVE-2015-5729


JSON object : View

Products Affected

samsung

  • x12_firmware
  • x14h_eu
  • nt14u_eu
  • x12_eu
  • m288ofw_firmware
  • x10p_ibr
  • x10p_us
  • m288ofw
  • x12_us
  • x14j_us
  • x14h_cn
  • x14h_firmware
  • x14j_firmware
  • nt14u_us
  • nt14u_firmware
  • x14j_cn
  • nt14u_cn
  • x10p_eu
  • x10p_firmware
  • x14h_us
  • x14j_eu
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor