Lucene search
K

84 matches found

Cvelist
Cvelist
added 2021/08/03 2:36 p.m.22 views

CVE-2021-27953

A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to cause a denial of service, forcing the device to reboot via a crafted HTTP request...

7.5AI score0.01674EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/08/03 2:26 p.m.18 views

CVE-2021-27954

A heap-based buffer overflow vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HKProcessConfig function of the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to force the device to connect to a SSID or cause a denial of service...

8.4AI score0.00936EPSS
Exploits1References1
CVE
CVE
added 2021/08/03 2:26 p.m.47 views

CVE-2021-27954

CVE-2021-27954 affects ecobee3 lite devices (version 4.5.81.200) with a heap-based buffer overflow in HKProcessConfig of the HomeKit Wireless Access Control setup. The underlying cause is improper data boundary validation in HKProcessConfig, enabling an attacker to force the device to connect to ...

8.2CVSS8.2AI score0.00936EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/08/03 12:0 a.m.5 views

Ecobee Ecobee3 Lite 缓冲区错误漏洞

Ecobee Ecobee3 Lite is a Wi-Fi smart thermostat from Ecobee Canada.A buffer error vulnerability exists in Ecobee Ecobee3 Lite, which stems from HKProcessConfig in the product's HomeKit wireless access control settings failing to properly validate data boundaries, which could be used by an attacke...

8.2CVSS5.9AI score0.00936EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/08/03 12:0 a.m.6 views

PT-2021-17693 · Ecobee · Ecobee3 Lite

Name of the Vulnerable Software and Affected Versions: ecobee3 lite version 4.5.81.200 Description: A heap-based buffer overflow vulnerability exists in the HKProcessConfig function of the HomeKit Wireless Access Control setup process. An attacker can exploit this vulnerability to force the devic...

8.2CVSS8.2AI score0.00936EPSS
Exploits1References4
OSV
OSV
added 2017/12/25 9:29 p.m.3 views

CVE-2017-13903

An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handling, as demonstrated by use of an Apple Wat...

7.5CVSS5.8AI score0.01059EPSS
Exploits0References5
NVD
NVD
added 2017/12/25 9:29 p.m.16 views

CVE-2017-13903

An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handling, as demonstrated by use of an Apple Wat...

7.5CVSS6.5AI score0.01059EPSS
Exploits0References5
Prion
Prion
added 2017/12/25 9:29 p.m.14 views

Code injection

An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handling, as demonstrated by use of an Apple Wat...

5CVSS6.3AI score0.01059EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2017/12/25 9:0 p.m.60 views

CVE-2017-13903

The CVE-2017-13903 issue affects Apple iOS 11.2.1 and tvOS 11.2.1, with HomeKit’s message handling allowing a remote attacker to alter application state. Root cause: improper message handling within HomeKit enabling state changes when processing messages (Apple notes a fix via improved input vali...

7.5CVSS6.3AI score0.01059EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2017/12/25 9:0 p.m.18 views

CVE-2017-13903

An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handling, as demonstrated by use of an Apple Wat...

6.5AI score0.01059EPSS
Exploits0References5
Schneier on Security
Schneier on Security
added 2017/12/21 12:49 p.m.8 views

Security Vulnerability in Apple's HomeKit

The story of the recent vulnerability in Apple's HomeKit...

7AI score
Exploits0
CNVD
CNVD
added 2017/12/18 12:0 a.m.1 views

Apple iOS and tvOS HomeKit Security Bypass Vulnerability

Apple iOS and tvOS are both products of the American company Apple. The former is an operating system for mobile devices; the latter is an operating system for smart TVs, of which HomeKit is a smart home platform component. A security bypass vulnerability exists in the HomeKit component in Apple...

7.5CVSS6.5AI score0.01059EPSS
Exploits0References1
Apple
Apple
added 2017/12/13 6:34 a.m.26 views

About the security content of tvOS 11.2.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

7.5CVSS0.2AI score0.01059EPSS
Exploits0Affected Software1
Apple
Apple
added 2017/12/13 6:15 a.m.25 views

About the security content of iOS 11.2.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

7.5CVSS0.2AI score0.01059EPSS
Exploits0Affected Software1
Apple
Apple
added 2017/12/13 12:0 a.m.24 views

About the security content of iOS 11.2.1

About the security content of iOS 11.2.1 This document describes the security content of iOS 11.2.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

7.5CVSS7.1AI score0.01059EPSS
Exploits0References1Affected Software1
Apple
Apple
added 2017/12/13 12:0 a.m.29 views

About the security content of tvOS 11.2.1

About the security content of tvOS 11.2.1 This document describes the security content of tvOS 11.2.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

7.5CVSS7.3AI score0.01059EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2017/12/08 10:31 a.m.9 views

Apple Fixes Flaw Impacting HomeKit Devices

Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers. The flaw was first reported by the publication 9to5Mac on Thursday. According to the...

0.7AI score
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2017/04/10 12:0 a.m.10 views

The vulnerability of the iOS operating system, which allows a hacker to compromise the security of information.

The vulnerability of the HomeKit operating system’s iOS component exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise information security by manipulating the Home Control element within the Control Center...

10CVSS7.7AI score0.02431EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/04/02 1:59 a.m.3 views

CVE-2017-2434

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "HomeKit" component. It allows attackers to have an unspecified impact by leveraging the presence of Home Control on Control Center...

9.8CVSS7.3AI score0.02431EPSS
Exploits0References3
NVD
NVD
added 2017/04/02 1:59 a.m.16 views

CVE-2017-2434

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "HomeKit" component. It allows attackers to have an unspecified impact by leveraging the presence of Home Control on Control Center...

10CVSS7.9AI score0.02431EPSS
Exploits0References3
Rows per page
Query Builder