Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9
CVE-2017-8865
- EPSS 0.25%
- Veröffentlicht 11.12.2017 21:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to an...
5.9
CVE-2017-8866
- EPSS 0.12%
- Veröffentlicht 11.12.2017 21:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server.
5.9
CVE-2017-8867
- EPSS 0.25%
- Veröffentlicht 11.12.2017 21:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 use AES-128 with ECB mode to encrypt voice traffic between the device and remote server, allowing a malicious user to map encrypted traffic to a particular AES key index and ...
1