6 matches found
EUVD-2021-24996
Malware in sbrugna...
CVE-2021-38548
JBL Go 2 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a...
CVE-2021-38546
The CVE-2021-38546 entry covers Creative Pebble devices affected by a Glowworm-style attack. According to redhat and NVD records, remote attackers can recover spoken audio by measuring power-indicator LED emissions with an electro-optical sensor and telescope. The underlying issue links LED outpu...
CVE-2021-38548
CVE-2021-38548 affects JBL Go 2 devices up to 2021-08-09. A remote attacker can recover spoken audio by analyzing measurements from an electro-optical sensor aimed at the device’s power-indicator LED, which is directly tied to the power line; the LED brightness mirrors power use, which varies wit...
CVE-2021-38549
The CVE-2021-38549 entry concerns MIRACASE MHUB500 USB splitters (affected through 2021-08-09) in specific configurations where the device powers audio-output equipment. The vulnerability arises because the power indicator LED is tied to the power line, making LED brightness correlate with power ...
CVE-2021-38365
The connected documents identify CVE-2021-38365 as affecting ToneWinner (Winner) desktop speakers. The vulnerability allows a remote attacker to recover speech signals from the power-indicator LED using a telescope and an electro-optical sensor, a classically described Glowworm attack. The descri...