Lucene search
K

52 matches found

CVE
CVE
added 2017/04/10 3:0 a.m.48 views

CVE-2016-5057

The CVE-2016-5057 issue affects OSRAM SYLVANIA Osram Lightify Pro, caused by the product not using SSL pinning. This enables potential MITM scenarios where an attacker could intercept SSL traffic. Public details in connected CNVD/EUVD entries indicate versions up to 2016-07-26 are affected. No of...

7.5CVSS7.5AI score0.01211EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.20 views

CVE-2016-5054

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...

7.6AI score0.01148EPSS
Exploits1References1
CVE
CVE
added 2017/04/10 3:0 a.m.42 views

CVE-2016-5052

OSRAM SYLVANIA Osram Lightify Home is affected by CVE-2016-5052. The issue stems from the product’s failure to use SSL pinning in versions up to 2016-07-26, allowing a potential attacker to perform a man-in-the-middle (MITM) attack and intercept SSL/TLS traffic. The CNVD entry confirms the vulner...

7.5CVSS7.5AI score0.01136EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.18 views

CVE-2016-5057

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning...

7.6AI score0.01211EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.16 views

CVE-2016-5053

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000...

9.9AI score0.02737EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.20 views

CVE-2016-5052

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning...

7.6AI score0.01136EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.29 views

CVE-2016-5056

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...

7.6AI score0.01397EPSS
Exploits2References1
CVE
CVE
added 2017/04/10 3:0 a.m.50 views

CVE-2016-5053

CVE-2016-5053 affects OSRAM SYLVANIA Osram Lightify Home. CNVD details indicate a vulnerability in versions released by 2016-07-26 due to the program's failure to use SSL pinning, enabling a man-in-the-middle attack to obtain SSL-encrypted traffic. No remediation or exploit specifics are provided...

9.8CVSS9.7AI score0.02737EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/04/10 3:0 a.m.51 views

CVE-2016-5056

CVE-2016-5056 affects OSRAM SYLVANIA Osram Lightify Pro devices with a PSK limited to 8 hex digits (firmware prior to 2016-07-26). Connected data also references OSRAM Lightify Home vulnerabilities (e.g., MITM risk due to lack of SSL pinning) in related ENISA/CNVD entries, but the Lightify Pro PS...

7.5CVSS7.5AI score0.01397EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2017/04/10 3:0 a.m.46 views

CVE-2016-5051

OSRAM SYLVANIA Osram Lightify Home vulnerability (pre-2016-07-26). The issue stems from the product not using SSL pinning, enabling a Man-in-the-Middle to intercept TLS-encrypted traffic. Affected versions are 2016-07-26 and earlier. The CNVD entry states this vulnerability allows an attacker to ...

7.5CVSS7.5AI score0.01397EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/04/10 3:0 a.m.47 views

CVE-2016-5059

CVE-2016-5059 involves OSRAM SYLVANIA Osram Lightify Home. The CNVD entry (CNVD-2017-12298) describes it as a vulnerability in versions up to 2016-07-26 where the application fails to implement SSL pinning, enabling a man-in-the-middle attacker to intercept SSL/TLS traffic from the affected syste...

6.5CVSS6.2AI score0.01153EPSS
Exploits1References1Affected Software1
ThreatPost
ThreatPost
added 2016/07/26 9:5 a.m.29 views

Unpatched Smart Lighting Flaws Pose IoT Risk to Businesses

A host of web-based vulnerabilities in Osram Lightify smart lighting products remain unpatched, despite private notification to the vendor in late May and CVEs assigned to the issues in June by CERT/CC. Researchers at Rapid7 today publicly disclosed some of the details on each of the nine...

5CVSS8.2AI score0.00934EPSS
Exploits2References1
Rows per page
Query Builder