Lucene search

[email protected]NVD:CVE-2022-47100

HistoryJan 26, 2023 - 9:18 p.m.

CVE-2022-47100

2023-01-2621:18:03

[email protected]

web.nvd.nist.gov

vulnerability

sengled smart bulb

factory reset

ieee 802.15.4

crafted frame

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

31.6%

JSON

A vulnerability in Sengled Smart bulb 0x0000024 allows attackers to arbitrarily perform a factory reset on the device via a crafted IEEE 802.15.4 frame.

Affected configurations

Nvd

Node

sengledes21-n1eaw_firmwareMatch0x0000024

AND

sengledes21-n1eawMatch-

VendorProductVersionCPE
sengledes21-n1eaw_firmware0x0000024cpe:2.3:o:sengled:es21-n1eaw_firmware:0x0000024:*:*:*:*:*:*:*
sengledes21-n1eaw-cpe:2.3:h:sengled:es21-n1eaw:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sengled	es21-n1eaw_firmware	0x0000024	cpe:2.3:o:sengled:es21-n1eaw_firmware:0x0000024:::::::*
sengled	es21-n1eaw	-	cpe:2.3:h:sengled:es21-n1eaw:-:::::::*

References

github.com/iot-sec23/IoT-CVE/blob/main/Sengled%20Smart%20Bulb%20Vulnerability%20Report.pdf

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

31.6%

JSON

Related for NVD:CVE-2022-47100

cvelist1 prion1 cve1