CVE-2020-11924

Опубликовано: 02 апр. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in flash memory, which presents an information-disclosure risk for a discarded or resold device.

Ссылки

http://seclists.org/fulldisclosure/2024/Jul/14
https://www.eurofins-cybersecurity.com/news/connected-devices-wiz-smart-lightbulbs/
Exploit
Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jul/14
https://www.eurofins-cybersecurity.com/news/connected-devices-wiz-smart-lightbulbs/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:wizconnected:colors_a60_firmware:1.14.0:*:*:*:*:*:*:*

cpe:2.3:h:wizconnected:colors_a60:-:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00094

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-r85r-2583-q5cq