29 matches found
EUVD-2021-24001
Malware in sbrugna...
EUVD-2023-37416
Malicious code in bioql PyPI...
EUVD-2022-30449
Malicious code in bioql PyPI...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
CVE-2021-37436
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing...
CVE-2019-15027
The MediaTek Embedded Multimedia Card eMMC subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clearemmcnomediaentry in platform/mt6577/external/meta/emmc/metaclremmc.c...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
Design/Logic Flaw
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
CVE-2023-33248
CVE-2023-33248 affects Amazon Alexa on Echo Dot 2nd/3rd gen with firmware version 8960323972. The flaw allows attackers to deliver security-relevant commands via ultrasonic audio signals in the 16–22 kHz range, which are often outside adult hearing. Impacted component is the Alexa software’s comm...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
Input validation
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...
Amazon Echo Dot 安全漏洞
The Amazon Echo Dot is a voice-activated speaker from Amazon.com. It can be used to play music, control smart home devices, make calls, answer questions, set timers and alarms, and more using Alexa. The Amazon Echo Dot 3rd and 4th generation has a security vulnerability that stems from improper...
CVE-2022-25809
CVE-2022-25809 affects Amazon Echo Dot devices (3rd and 4th Gen). Root cause: improper neutralization of audio output enables arbitrary voice command execution via a malicious skill (remote) or by pairing a malicious Bluetooth device (physical proximity) in an Alexa-versus-Alexa (AvA) scenario. I...
PT-2022-17534 · Amazon · Amazon Echo Dot
Name of the Vulnerable Software and Affected Versions: Amazon Echo Dot devices, 3rd and 4th Generation Description: The issue allows for arbitrary voice command execution on affected devices. This can be achieved by a remote attacker using a malicious skill or by a physically proximate attacker...