5.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
7 High
AI Score
Confidence
Low
2.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:M/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
8.7%
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app
5.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
7 High
AI Score
Confidence
Low
2.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:M/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
8.7%