Jisiwei i3 robot vacuum cleaner encryption issue vulnerability

Jisiwei i3 is a vacuuming robot from the Chinese company Jisiwei. A vulnerability with encryption issues exists in version 2.0 of the Jisiwei i3 robot vacuum cleaner APP. The vulnerability stems from a networked system or product that does not properly utilize relevant cryptographic algorithms,...

CVE-2019-12821

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code...

CVE-2019-12820

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account,...

Design/Logic Flaw

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account,...

Code injection

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code...

CVE-2019-12821

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code...

CVE-2019-12821

The CVE concerns the Shenzhen Jisiwei i3 robot vacuum cleaner’s app 2.0. A QR code used to add a device to an account encodes the device ID using a predictable pattern (JSW + six digits). An attacker can generate a QR-code with a target device ID to connect an arbitrary device and gain full acces...

CVE-2019-12820

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account,...

CVE-2019-12820

The CVE-2019-12820 entry concerns the Shenzhen Jisiwei i3 robot vacuum cleaner app 2.0 (Android/iOS). The vulnerability is that login and other personal information communications between the app and its server are sent over unencrypted HTTP, enabling a local-network MiTM attacker to capture cred...

Researchers hack vacuum cleaner; turn it into perfect spying device

By Waqas According to the findings of Check Point researchers, there is This is a post from HackRead.com Read the original post: Researchers hack vacuum cleaner; turn it into perfect spying device...

News Roundup: What The Experts Are Saying About The Flame Worm

UPDATE: Are the winds of cyber war blowing, or is the newly discovered Flame worm just a tempest in a teapot? Just days after it was disclosed to the public, the Flame worm is fanning the flames of controversy within the security world. Threatpost takes a look at what people are saying. Calling...