Search
Find a vulnerability
Search criteria
8 vulnerabilities found for kalay_platform by throughtek
CVE-2023-6324 (GCVE-0-2023-6324)
Vulnerability from nvd – Published: 2024-05-15 12:09 – Updated: 2024-08-02 08:28
VLAI
Title
ThroughTek Kalay SDK error in handling the PSK identity
Summary
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-457 - Use of Uninitialized Variable
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| ThroughTek | Kalay SDK |
Affected:
3.1.10.0 , ≤ 3.1.10.16
(custom)
Affected: 3.2.0.0 , ≤ 3.3.6.1 (custom) Affected: 3.4.0.0 , ≤ 3.4.7.3 (custom) Affected: 4.0.0.0 , ≤ 4.3.3.1 (custom) |
|
| throughtek | kalay_sdk |
Affected:
3.1.10.0
cpe:2.3:a:throughtek:kalay_sdk:3.1.10.0:*:*:*:*:*:*:* |
|
| throughtek | kalay_sdk |
Affected:
3.2.0.0
cpe:2.3:a:throughtek:kalay_sdk:3.2.0.0:*:*:*:*:*:*:* |
|
| throughtek | kalay_sdk |
Affected:
3.4.0.0
cpe:2.3:a:throughtek:kalay_sdk:3.4.0.0:*:*:*:*:*:*:* |
|
| throughtek | kalay_sdk |
Affected:
4.0.0.0
cpe:2.3:a:throughtek:kalay_sdk:4.0.0.0:*:*:*:*:*:*:* |
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:3.1.10.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "3.1.10.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:3.2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "3.2.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:3.4.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "3.4.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:4.0.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "4.0.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T16:02:56.677237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:18.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kalay SDK",
"vendor": "ThroughTek",
"versions": [
{
"lessThanOrEqual": "3.1.10.16",
"status": "affected",
"version": "3.1.10.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.3.6.1",
"status": "affected",
"version": "3.2.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4.7.3",
"status": "affected",
"version": "3.4.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.3.3.1",
"status": "affected",
"version": "4.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457 Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:09:29.682Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ThroughTek Kalay SDK error in handling the PSK identity",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6324",
"datePublished": "2024-05-15T12:09:29.682Z",
"dateReserved": "2023-11-27T14:22:36.362Z",
"dateUpdated": "2024-08-02T08:28:21.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6323 (GCVE-0-2023-6323)
Vulnerability from nvd – Published: 2024-05-15 12:08 – Updated: 2024-08-02 08:28
VLAI
Title
ThroughTek Kalay SDK insufficient verification of message authenticity
Summary
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ThroughTek | Kalay SDK |
Affected:
0 , < 4.3.4.2
(custom)
|
|
| throughtek | kalay_sdk |
Affected:
*
cpe:2.3:a:throughtek:kalay_sdk:*:*:*:*:*:*:*:* |
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T14:21:02.557530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:09.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kalay SDK",
"vendor": "ThroughTek",
"versions": [
{
"lessThan": "4.3.4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server."
}
],
"impacts": [
{
"capecId": "CAPEC-151",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-151 Identity Spoofing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:08:57.397Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ThroughTek Kalay SDK insufficient verification of message authenticity",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6323",
"datePublished": "2024-05-15T12:08:57.397Z",
"dateReserved": "2023-11-27T14:22:35.440Z",
"dateUpdated": "2024-08-02T08:28:21.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6322 (GCVE-0-2023-6322)
Vulnerability from nvd – Published: 2024-05-15 12:08 – Updated: 2024-08-02 08:28
VLAI
Title
Stack-based buffer overflow in message parser functionality
Summary
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Roku | Indoor Camera SE |
Affected:
0 , ≤ 3.0.2.4679
(custom)
|
|
| Wyze | Cam v3 |
Affected:
0 , ≤ 4.36.11.5859
(custom)
|
|
| wyze | cam_v3 |
Affected:
-
cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:* |
|
| roku | indoor_camera_se |
Affected:
-
cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:* |
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cam_v3",
"vendor": "wyze",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "indoor_camera_se",
"vendor": "roku",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T14:26:05.292848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:13.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Indoor Camera SE",
"vendor": "Roku",
"versions": [
{
"lessThanOrEqual": "3.0.2.4679",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cam v3",
"vendor": "Wyze",
"versions": [
{
"lessThanOrEqual": "4.36.11.5859",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 - Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:08:24.069Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack-based buffer overflow in message parser functionality",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6322",
"datePublished": "2024-05-15T12:08:24.069Z",
"dateReserved": "2023-11-27T14:22:34.488Z",
"dateUpdated": "2024-08-02T08:28:21.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6321 (GCVE-0-2023-6321)
Vulnerability from nvd – Published: 2024-05-15 12:07 – Updated: 2024-08-02 08:28
VLAI
Title
Owlet Camera OS command injection
Summary
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:owlet:cam_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cam_v2",
"vendor": "owlet",
"versions": [
{
"lessThan": "4.2.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:owlet:cam_v1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cam_v1",
"vendor": "owlet",
"versions": [
{
"lessThan": "4.2.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6321",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T15:37:34.617442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:04:03.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cam v2",
"vendor": "Owlet",
"versions": [
{
"lessThan": "4.2.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cam v1",
"vendor": "Owlet",
"versions": [
{
"lessThan": "4.2.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:07:44.554Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Owlet Camera OS command injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6321",
"datePublished": "2024-05-15T12:07:44.554Z",
"dateReserved": "2023-11-27T14:22:33.541Z",
"dateUpdated": "2024-08-02T08:28:21.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6324 (GCVE-0-2023-6324)
Vulnerability from cvelistv5 – Published: 2024-05-15 12:09 – Updated: 2024-08-02 08:28
VLAI
Title
ThroughTek Kalay SDK error in handling the PSK identity
Summary
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-457 - Use of Uninitialized Variable
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| ThroughTek | Kalay SDK |
Affected:
3.1.10.0 , ≤ 3.1.10.16
(custom)
Affected: 3.2.0.0 , ≤ 3.3.6.1 (custom) Affected: 3.4.0.0 , ≤ 3.4.7.3 (custom) Affected: 4.0.0.0 , ≤ 4.3.3.1 (custom) |
|
| throughtek | kalay_sdk |
Affected:
3.1.10.0
cpe:2.3:a:throughtek:kalay_sdk:3.1.10.0:*:*:*:*:*:*:* |
|
| throughtek | kalay_sdk |
Affected:
3.2.0.0
cpe:2.3:a:throughtek:kalay_sdk:3.2.0.0:*:*:*:*:*:*:* |
|
| throughtek | kalay_sdk |
Affected:
3.4.0.0
cpe:2.3:a:throughtek:kalay_sdk:3.4.0.0:*:*:*:*:*:*:* |
|
| throughtek | kalay_sdk |
Affected:
4.0.0.0
cpe:2.3:a:throughtek:kalay_sdk:4.0.0.0:*:*:*:*:*:*:* |
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:3.1.10.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "3.1.10.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:3.2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "3.2.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:3.4.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "3.4.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:4.0.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "4.0.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T16:02:56.677237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:18.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kalay SDK",
"vendor": "ThroughTek",
"versions": [
{
"lessThanOrEqual": "3.1.10.16",
"status": "affected",
"version": "3.1.10.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.3.6.1",
"status": "affected",
"version": "3.2.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4.7.3",
"status": "affected",
"version": "3.4.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.3.3.1",
"status": "affected",
"version": "4.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457 Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:09:29.682Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ThroughTek Kalay SDK error in handling the PSK identity",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6324",
"datePublished": "2024-05-15T12:09:29.682Z",
"dateReserved": "2023-11-27T14:22:36.362Z",
"dateUpdated": "2024-08-02T08:28:21.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6323 (GCVE-0-2023-6323)
Vulnerability from cvelistv5 – Published: 2024-05-15 12:08 – Updated: 2024-08-02 08:28
VLAI
Title
ThroughTek Kalay SDK insufficient verification of message authenticity
Summary
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ThroughTek | Kalay SDK |
Affected:
0 , < 4.3.4.2
(custom)
|
|
| throughtek | kalay_sdk |
Affected:
*
cpe:2.3:a:throughtek:kalay_sdk:*:*:*:*:*:*:*:* |
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:throughtek:kalay_sdk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kalay_sdk",
"vendor": "throughtek",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T14:21:02.557530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:09.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kalay SDK",
"vendor": "ThroughTek",
"versions": [
{
"lessThan": "4.3.4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server."
}
],
"impacts": [
{
"capecId": "CAPEC-151",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-151 Identity Spoofing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:08:57.397Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ThroughTek Kalay SDK insufficient verification of message authenticity",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6323",
"datePublished": "2024-05-15T12:08:57.397Z",
"dateReserved": "2023-11-27T14:22:35.440Z",
"dateUpdated": "2024-08-02T08:28:21.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6322 (GCVE-0-2023-6322)
Vulnerability from cvelistv5 – Published: 2024-05-15 12:08 – Updated: 2024-08-02 08:28
VLAI
Title
Stack-based buffer overflow in message parser functionality
Summary
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Roku | Indoor Camera SE |
Affected:
0 , ≤ 3.0.2.4679
(custom)
|
|
| Wyze | Cam v3 |
Affected:
0 , ≤ 4.36.11.5859
(custom)
|
|
| wyze | cam_v3 |
Affected:
-
cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:* |
|
| roku | indoor_camera_se |
Affected:
-
cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:* |
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cam_v3",
"vendor": "wyze",
"versions": [
{
"status": "affected",
"version": "-"
}
]
},
{
"cpes": [
"cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "indoor_camera_se",
"vendor": "roku",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T14:26:05.292848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:13.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Indoor Camera SE",
"vendor": "Roku",
"versions": [
{
"lessThanOrEqual": "3.0.2.4679",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cam v3",
"vendor": "Wyze",
"versions": [
{
"lessThanOrEqual": "4.36.11.5859",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 - Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:08:24.069Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack-based buffer overflow in message parser functionality",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6322",
"datePublished": "2024-05-15T12:08:24.069Z",
"dateReserved": "2023-11-27T14:22:34.488Z",
"dateUpdated": "2024-08-02T08:28:21.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6321 (GCVE-0-2023-6321)
Vulnerability from cvelistv5 – Published: 2024-05-15 12:07 – Updated: 2024-08-02 08:28
VLAI
Title
Owlet Camera OS command injection
Summary
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
Date Public
2024-05-15 12:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:owlet:cam_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cam_v2",
"vendor": "owlet",
"versions": [
{
"lessThan": "4.2.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:owlet:cam_v1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cam_v1",
"vendor": "owlet",
"versions": [
{
"lessThan": "4.2.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6321",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T15:37:34.617442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:04:03.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cam v2",
"vendor": "Owlet",
"versions": [
{
"lessThan": "4.2.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cam v1",
"vendor": "Owlet",
"versions": [
{
"lessThan": "4.2.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Lazar"
},
{
"lang": "en",
"type": "finder",
"value": "Radu Basaraba"
}
],
"datePublic": "2024-05-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T12:07:44.554Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Owlet Camera OS command injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6321",
"datePublished": "2024-05-15T12:07:44.554Z",
"dateReserved": "2023-11-27T14:22:33.541Z",
"dateUpdated": "2024-08-02T08:28:21.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}