CVE-2018-11567

Medienbericht

Exploit

EPSS 0.2%
Veröffentlicht 30.05.2018 22:29:00
Zuletzt bearbeitet 21.11.2024 03:43:37
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Amazon ≫ Echo Show Firmware Version < 2018-04-27

Amazon ≫ Echo Show Version-

Amazon ≫ Echo Plus Firmware Version < 2018-04-27

Amazon ≫ Echo Plus Version-

Amazon ≫ Echo Dot Firmware Version < 2018-04-27

Amazon ≫ Echo Dot Version-

Amazon ≫ Echo Spot Firmware Version < 2018-04-27

Amazon ≫ Echo Spot Version-

Amazon ≫ Echo Firmware Version < 2018-04-27

Amazon ≫ Echo Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.427

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.3	1.8	1.4	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-384 Session Fixation

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

https://info.checkmarx.com/hubfs/Amazon_Echo_Research.pdf

Third Party Advisory

Exploit

https://www.checkmarx.com/2018/04/25/eavesdropping-with-amazon-alexa/

Third Party Advisory

https://www.wired.com/story/amazon-echo-alexa-skill-spying/

Third Party Advisory

Press/Media Coverage

https://www.yahoo.com/news/amazon-alexa-bug-let-hackers-104609600.html

Third Party Advisory

Press/Media Coverage

https://nvd.nist.gov/vuln/detail/CVE-2018-11567

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-11567

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-11567

EUVD