Design/Logic Flaw

2019-03-0105:29:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.7%

JSON

Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.

CPENameOperatorVersion
ring_video_doorbell_firmwarelt3.4.7

CPE	Name	Operator	Version
	ring_video_doorbell_firmware	lt	3.4.7

References

dojo.bullguard.com/dojo-by-bullguard/blog/ring/

www.theverge.com/2019/2/27/18243296/ring-doorbell-hacked-fake-images-security-experts