Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31463 | 1 Owllabs | 2 Meeting Owl Pro, Meeting Owl Pro Firmware | 2024-11-21 | 4.3 MEDIUM | 8.2 HIGH |
| Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used. | |||||
| CVE-2022-31462 | 1 Owllabs | 2 Meeting Owl Pro, Meeting Owl Pro Firmware | 2024-11-21 | 5.4 MEDIUM | 9.3 CRITICAL |
| Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data. | |||||
| CVE-2022-31461 | 1 Owllabs | 2 Meeting Owl Pro, Meeting Owl Pro Firmware | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
| Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message. | |||||
| CVE-2022-31460 | 1 Owllabs | 2 Meeting Owl Pro, Meeting Owl Pro Firmware | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
| Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value. | |||||
| CVE-2022-31459 | 1 Owllabs | 2 Meeting Owl Pro, Meeting Owl Pro Firmware | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
| Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth. | |||||