Search
Find a vulnerability
Search criteria
2 vulnerabilities found for pebble_firmware by pebble
CVE-2016-10702 (GCVE-0-2016-10702)
Vulnerability from nvd – Published: 2017-11-28 07:00 – Updated: 2024-08-06 03:30
VLAI
EPSS
VEX
Summary
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://blog.fletchto99.com/2016/november/pebble-… | x_refsource_MISC |
Date Public
2017-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application\u0027s flash storage, and access an arbitrary application\u0027s JavaScript instance, by modifying a UUID value within the header of a crafted application binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T06:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application\u0027s flash storage, and access an arbitrary application\u0027s JavaScript instance, by modifying a UUID value within the header of a crafted application binary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/",
"refsource": "MISC",
"url": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10702",
"datePublished": "2017-11-28T07:00:00.000Z",
"dateReserved": "2017-11-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:30:20.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10702 (GCVE-0-2016-10702)
Vulnerability from cvelistv5 – Published: 2017-11-28 07:00 – Updated: 2024-08-06 03:30
VLAI
EPSS
VEX
Summary
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://blog.fletchto99.com/2016/november/pebble-… | x_refsource_MISC |
Date Public
2017-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application\u0027s flash storage, and access an arbitrary application\u0027s JavaScript instance, by modifying a UUID value within the header of a crafted application binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T06:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application\u0027s flash storage, and access an arbitrary application\u0027s JavaScript instance, by modifying a UUID value within the header of a crafted application binary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/",
"refsource": "MISC",
"url": "https://blog.fletchto99.com/2016/november/pebble-app-sandbox-escape/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10702",
"datePublished": "2017-11-28T07:00:00.000Z",
"dateReserved": "2017-11-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:30:20.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}