9 matches found
EUVD-2021-27233
Malware in sbrugna...
CVE-2021-40043
The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H-00 9.0.3.4H100SP13C00. The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering of this vulnerabili...
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
CVE-2022-25809
CVE-2022-25809 affects Amazon Echo Dot devices (3rd and 4th Gen). Root cause: improper neutralization of audio output enables arbitrary voice command execution via a malicious skill (remote) or by pairing a malicious Bluetooth device (physical proximity) in an Alexa-versus-Alexa (AvA) scenario. I...
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
PT-2022-17534 · Amazon · Amazon Echo Dot
Name of the Vulnerable Software and Affected Versions: Amazon Echo Dot devices, 3rd and 4th Generation Description: The issue allows for arbitrary voice command execution on affected devices. This can be achieved by a remote attacker using a malicious skill or by a physically proximate attacker...
Researchers Hacked Amazon’s Alexa to Spy On Users, Again
A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices – and automatically transcribe every word said. Checkmarx researchers told Threatpost that they created a proof-of-concept Alexa Skill that abuses...
Blowback: Microsoft, OnStar Pump the Brakes on Location Tracking
Redmond, Washington software giant, Microsoft, and Detroit based GM subsidiary, OnStar backtracked on policies widely seen as egregious privacy violations following lawsuits and public outcry. Here’s the news: Windows Phone Update Requires User Consent For Tracking Microsoft released their “Mango...