4 matches found
CVE-2019-7399
Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages...
CVE-2019-7399
Vulnerability summary (CVE-2019-7399) : FireOS up to version 5.3.6.3/4 contains a root-cause in the Settings/Terms of Use and Privacy pages where content is loaded without HTTPS. This allows a network-based attacker to perform a man-in-the-middle (MITM) attack to inject malicious content or exfil...
CVE-2019-7399
creationtimestamp| type| source ---|---|--- 2019-02-11 15:26:51+00:00| seen| MISP/5c6193e4-7e50-4b33-99b6-18b10a021402...
Amazon FireOS 5.3.6.3 Man-In-The-Middle
Original blog post here: https://wwws.nightwatchcybersecurity.com/2019/02/07/content-injection-in-amazon-kindles-fireos-cve-2019-7399/ SUMMARY The FireOS operating system provided by Amazon for Fire tablet devices can be injected with malicious content by an MITM attacker. An attacker can also...