Описание
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data.
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-31462
- https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users
- https://resources.owllabs.com/blog/owl-labs-update
- https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
Связанные уязвимости
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data.
Уязвимость реализации технологии Bluetooth Low Energy (BLE) микропрограммного обеспечения камеры для видеоконференций Meeting Owl Pro, позволяющая нарушителю обойти существующие ограничения безопасности с помощью атаки методом «грубой силы» (brute force)