The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| roku | roku_firmware | - |
Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 2.1 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| roku | roku_os | * |
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| throughtek | kalay_platform | - |
| roku | indoor_camera_se_firmware | 3.0.2.4679 |
| wyze | cam_v3_firmware | 4.36.11.5859 |
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| owletcare | cam_2_firmware | * |
| throughtek | kalay_platform | - |
| owletcare | cam_firmware | * |
| roku | indoor_camera_se_firmware | 3.0.2.4679 |
| wyze | cam_v3_firmware | 4.36.11.5859 |
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| owletcare | cam_2_firmware | * |
| throughtek | kalay_platform | - |
| owletcare | cam_firmware | * |
| roku | indoor_camera_se_firmware | 3.0.2.4679 |
| wyze | cam_v3_firmware | 4.36.11.5859 |