A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
CVSS 3.x

| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |

Products Affected

| Vendor | Product | Version |
|---|---|---|
| throughtek | kalay_platform | - |
| owletcare | cam_2_firmware | * |
| owletcare | cam_firmware | * |

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.

CVSS 3.x

| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |

Products Affected

| Vendor | Product | Version |
|---|---|---|
| wyze | cam_v3_firmware | 4.36.11.5859 |
| throughtek | kalay_platform | - |
| roku | indoor_camera_se_firmware | 3.0.2.4679 |
| owletcare | cam_2_firmware | * |
| owletcare | cam_firmware | * |

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity.

CVSS 3.x

| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 2.8 | 5.2 |

Products Affected

| Vendor | Product | Version |
|---|---|---|
| wyze | cam_v3_firmware | 4.36.11.5859 |
| throughtek | kalay_platform | - |
| roku | indoor_camera_se_firmware | 3.0.2.4679 |
| owletcare | cam_2_firmware | * |
| owletcare | cam_firmware | * |