CVE-2018-16272

2020-01-2213:04:37

mitre

www.cve.org

9.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.9%

JSON

The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.

References

media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Dongsung%20Kim%20and%20Hyoung%20Kee%20Choi%20-%20Updated/DEFCON-26-Dongsung-Kim-and-Hyoung-Kee-Choi-Your-Watch-Can-Watch-You-Updated.pdf

www.youtube.com/watch?v=3IdgBwbOT-g&feature=youtu.be