Lucene search
HistoryAug 02, 2023 - 2:15 p.m.
CVE-2023-33383
shelly 4pm pro
smart switch
ble
vulnerability
out of bounds
read
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
5.2
Confidence
High
EPSS
0.041
Percentile
92.3%
Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload.
Affected configurations
Node
shellypro_4pmMatch-
shellypro_4pm_firmwareMatch0.11.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| shelly | pro_4pm | - | cpe:2.3:h:shelly:pro_4pm:-:*:*:*:*:*:*:* |
| shelly | pro_4pm_firmware | 0.11.0 | cpe:2.3:o:shelly:pro_4pm_firmware:0.11.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-33383
2023-08-02 00:00:00
exploitdb
exploitdb
Shelly PRO 4PM v0.11.0 - Authentication Bypass
2023-08-04 00:00:00
prion
prion
Out-of-bounds
2023-08-02 14:15:00
packetstorm
packetstorm
Shelly PRO 4PM 0.11.0 Authentication Bypass
2023-08-04 00:00:00
cve
cve
CVE-2023-33383
2023-08-02 14:15:10
zdt
zdt
Shelly PRO 4PM v0.11.0 - Authentication Bypass Exploit
2023-08-04 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
5.2
Confidence
High
EPSS
0.041
Percentile
92.3%
Related for NVD:CVE-2023-33383