Syska Smart Bulb devices through 2017-08-06 receive RGB parameters over cleartext Bluetooth Low Energy (BLE), leading to sniffing, reverse engineering, and replay attacks.
References
Link | Resource |
---|---|
https://iayanpahwa.github.io/Reverse-Engineering-IoT-Devices/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2020-02-10 21:39
Updated : 2024-02-28 17:28
NVD link : CVE-2017-18642
Mitre link : CVE-2017-18642
CVE.ORG link : CVE-2017-18642
JSON object : View
Products Affected
syska
- smartlight_rainbow_led_smart_bulb
- smartlight_rainbow_led_smart_bulb_firmware
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor