CVE-2022-25809
- EPSS 7.45%
- Veröffentlicht 24.02.2022 15:15:32
- Zuletzt bearbeitet 21.11.2024 06:53:02
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (...
CVE-2021-37436
- EPSS 0.09%
- Veröffentlicht 24.07.2021 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:15:08
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vend...
CVE-2018-11567
- EPSS 0.2%
- Veröffentlicht 30.05.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:37
Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an add...