Lucene search
K
OsramLightify Pro

5 matches found

CVE
CVE
added 2017/04/10 3:0 a.m.51 views

CVE-2016-5056

CVE-2016-5056 affects OSRAM SYLVANIA Osram Lightify Pro devices with a PSK limited to 8 hex digits (firmware prior to 2016-07-26). Connected data also references OSRAM Lightify Home vulnerabilities (e.g., MITM risk due to lack of SSL pinning) in related ENISA/CNVD entries, but the Lightify Pro PS...

7.5CVSS7.5AI score0.00934EPSS
CVE
CVE
added 2017/04/10 3:0 a.m.48 views

CVE-2016-5057

The CVE-2016-5057 issue affects OSRAM SYLVANIA Osram Lightify Pro, caused by the product not using SSL pinning. This enables potential MITM scenarios where an attacker could intercept SSL traffic. Public details in connected CNVD/EUVD entries indicate versions up to 2016-07-26 are affected. No of...

7.5CVSS7.5AI score0.01211EPSS
CVE
CVE
added 2017/04/10 3:0 a.m.47 views

CVE-2016-5059

CVE-2016-5059 involves OSRAM SYLVANIA Osram Lightify Home. The CNVD entry (CNVD-2017-12298) describes it as a vulnerability in versions up to 2016-07-26 where the application fails to implement SSL pinning, enabling a man-in-the-middle attacker to intercept SSL/TLS traffic from the affected syste...

6.5CVSS6.2AI score0.01153EPSS
CVE
CVE
added 2017/04/10 3:0 a.m.44 views

CVE-2016-5055

CVE-2016-5055 affects OSRAM SYLVANIA Osram Lightify Pro prior to 2016-07-26, with XSS in the username field and the Wireless Client Mode configuration page. NVD data lists CVSS2/3 base scores (4.3/6.1) and NETWORK attack vector; impact includes partial integrity and low confidentiality, with user...

6.1CVSS6AI score0.00819EPSS
CVE
CVE
added 2017/04/10 3:0 a.m.39 views

CVE-2016-5058

CVE-2016-5058 references OSRAM SYLVANIA Osram Lightify Pro/Lightify Home. Connected CNVD data reveals a MITM vulnerability in Lightify Home due to the program’s failure to use SSL pinning, affecting versions 2016-07-26 and earlier. An attacker could intercept SSL/TLS traffic and capture encrypted...

7.5CVSS7.5AI score0.01148EPSS