Lucene search

MitreCVE-2023-45955

HistoryOct 31, 2023 - 6:15 p.m.

CVE-2023-45955

2023-10-3118:15:08

CWE-400

mitre

web.nvd.nist.gov

nanoleaf

light strip

v3.5.10

denial of service

security vulnerability

nvd

cve-2023-45955

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.0%

JSON

An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service via crafted write binding attribute commands.

Affected configurations

Nvd

Node

nanoleaflightstrip_firmwareMatch3.5.10

AND

nanoleaflightstripMatch-

VendorProductVersionCPE
nanoleaflightstrip_firmware3.5.10cpe:2.3:o:nanoleaf:lightstrip_firmware:3.5.10:*:*:*:*:*:*:*
nanoleaflightstrip-cpe:2.3:h:nanoleaf:lightstrip:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nanoleaf	lightstrip_firmware	3.5.10	cpe:2.3:o:nanoleaf:lightstrip_firmware:3.5.10:::::::*
nanoleaf	lightstrip	-	cpe:2.3:h:nanoleaf:lightstrip:-:::::::*

References

github.com/IoT-Fuzz/IoT-Fuzz/blob/main/Nanoleaf%20Lightstrip%20Vulnerability%20Report.pdf

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.0%

JSON

Related for CVE-2023-45955