VAR-201712-1109
Vulnerability from variot - Updated: 2025-04-20 23:32Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 use AES-128 with ECB mode to encrypt voice traffic between the device and remote server, allowing a malicious user to map encrypted traffic to a particular AES key index and gaining further access to eavesdrop on privacy-sensitive voice communication of a child and their Dino device. Elemental Path of CogniToys Dino Smart toy (smart toy) Vulnerabilities exist in vulnerabilities related to key management errors.Information may be obtained. ElementalPath'sCogniToysDino is a smart toy from EElementalPath's in the United States that can communicate with children. An information disclosure vulnerability exists in ElementalPathCogniToysDino that uses firmware version 0.0.794 and earlier. The vulnerability stems from the program using AES-128 encrypted voice traffic with ECB mode. An attacker could exploit this vulnerability to map specially crafted traffic to an AES key index and listen for sensitive voice traffic
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-1109",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "stemosaur",
"scope": "lte",
"trust": 1.0,
"vendor": "cognitoys",
"version": "0.0.794"
},
{
"model": "stemosaur",
"scope": null,
"trust": 0.8,
"vendor": "elemental path",
"version": null
},
{
"model": "path\u0027s cogni toys dino",
"scope": "lte",
"trust": 0.6,
"vendor": "elemental",
"version": "\u003c=0.0.794"
},
{
"model": "stemosaur",
"scope": "eq",
"trust": 0.6,
"vendor": "cognitoys",
"version": "0.0.794"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:elementalpath:stemosaur_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
}
]
},
"cve": "CVE-2017-8867",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-8867",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-00677",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-117070",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-8867",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8867",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-8867",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-00677",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-546",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117070",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "VULHUB",
"id": "VHN-117070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Elemental Path\u0027s CogniToys Dino smart toys through firmware version 0.0.794 use AES-128 with ECB mode to encrypt voice traffic between the device and remote server, allowing a malicious user to map encrypted traffic to a particular AES key index and gaining further access to eavesdrop on privacy-sensitive voice communication of a child and their Dino device. Elemental Path of CogniToys Dino Smart toy (smart toy) Vulnerabilities exist in vulnerabilities related to key management errors.Information may be obtained. ElementalPath\u0027sCogniToysDino is a smart toy from EElementalPath\u0027s in the United States that can communicate with children. An information disclosure vulnerability exists in ElementalPathCogniToysDino that uses firmware version 0.0.794 and earlier. The vulnerability stems from the program using AES-128 encrypted voice traffic with ECB mode. An attacker could exploit this vulnerability to map specially crafted traffic to an AES key index and listen for sensitive voice traffic",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "VULHUB",
"id": "VHN-117070"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8867",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-546",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-00677",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117070",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "VULHUB",
"id": "VHN-117070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"id": "VAR-201712-1109",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "VULHUB",
"id": "VHN-117070"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
}
]
},
"last_update_date": "2025-04-20T23:32:46.491000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://elementalpath.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-320",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://dl.acm.org/citation.cfm?id=3139947"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8867"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8867"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "VULHUB",
"id": "VHN-117070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"db": "VULHUB",
"id": "VHN-117070"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"date": "2017-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-117070"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"date": "2017-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"date": "2017-12-11T21:29:00.860000",
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00677"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117070"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011563"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-546"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8867"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Elemental Path of CogniToys Dino Smart toy firmware key management error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011563"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-546"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…