CVE-2022-47100

Exploit

EPSS 0.32%
Veröffentlicht 26.01.2023 21:18:03
Zuletzt bearbeitet 02.04.2025 16:15:22
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in Sengled Smart bulb 0x0000024 allows attackers to arbitrarily perform a factory reset on the device via a crafted IEEE 802.15.4 frame.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sengled ≫ Es21-n1eaw Firmware Version0x0000024

Sengled ≫ Es21-n1eaw Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.32%	0.544

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://github.com/iot-sec23/IoT-CVE/blob/main/Sengled%20Smart%20Bulb%20Vulnerability%20Report.pdf

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-47100

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-47100

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-47100

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-47100