Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors.
References
Link | Resource |
---|---|
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/call-an-exorcist-my-robots-possessed/ | Exploit Third Party Advisory |
https://www.robotemi.com/software-updates/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-08-11T19:16:28
Updated: 2020-09-02T18:10:26
Reserved: 2020-07-30T00:00:00
Link: CVE-2020-16170
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-11T20:15:13.073
Modified: 2023-05-15T18:56:11.143
Link: CVE-2020-16170
JSON object: View
Redhat Information
No data.
CWE