CVE-2019-16518

Exploit

EPSS 0.08%
Veröffentlicht 23.09.2019 15:15:10
Zuletzt bearbeitet 21.11.2024 04:30:44
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered on Swell Kit Mod devices that use the Vandy Vape platform. An attacker may be able to trigger an unintended temperature in the victim's mouth and throat via Bluetooth Low Energy (BLE) packets that specify large power or voltage values.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Vandyvape ≫ Swell Kit Mod Firmware Version2.0.2

Vandyvape ≫ Swell Kit Mod Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.202

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:P/A:N

CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

https://gitlab.com/crypt0crc/cve-2019-16518

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2019-16518

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-16518

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-16518

EUVD