Code injection

2022-01-1418:15:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.7%

JSON

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.

CPENameOperatorVersion
stories_rw4002_601\\/71_50-22_firmwarelt2107460.6810.0
stories_rw4003_65582v_48-23_firmwarelt2107460.6810.0
stories_rw4005_656013_51-20_firmwarelt2107460.6810.0
stories_rw4005_6563m3_51-20_firmwarelt2107460.6810.0.

Name	Operator	Version
stories_rw4002_601\\/71_50-22_firmware	lt	2107460.6810.0
stories_rw4003_65582v_48-23_firmware	lt	2107460.6810.0
stories_rw4005_656013_51-20_firmware	lt	2107460.6810.0
stories_rw4005_6563m3_51-20_firmware	lt	2107460.6810.0.

References

www.facebook.com/security/advisories/cve-2021-24046