cve-2024-6248
Vulnerability from cvelistv5
Published
2024-11-22 20:05
Modified
2024-11-22 20:05
Severity ?
EPSS score ?
Summary
Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability
References
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cam v3", "vendor": "Wyze", "versions": [ { "status": "affected", "version": "4.36.11.7071" } ] } ], "dateAssigned": "2024-06-21T09:52:30.166-05:00", "datePublic": "2024-06-21T15:26:29.651-05:00", "descriptions": [ { "lang": "en", "value": "Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the run_action_batch endpoint of the cloud infrastructure. The issue results from the use of the device\u0027s MAC address as a sole credential for authentication. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22393." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-22T20:05:42.870Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-839", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-839/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://forums.wyze.com/t/security-advisory/289256" } ], "source": { "lang": "en", "value": "Rafal Goryl" }, "title": "Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-6248", "datePublished": "2024-11-22T20:05:42.870Z", "dateReserved": "2024-06-21T14:52:30.170Z", "dateUpdated": "2024-11-22T20:05:42.870Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-6248\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2024-11-22T20:15:11.783\",\"lastModified\":\"2024-11-22T20:15:11.783\",\"vulnStatus\":\"Received\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability.\\n\\nThe specific flaw exists within the run_action_batch endpoint of the cloud infrastructure. The issue results from the use of the device\u0027s MAC address as a sole credential for authentication. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22393.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"references\":[{\"url\":\"https://forums.wyze.com/t/security-advisory/289256\",\"source\":\"zdi-disclosures@trendmicro.com\"},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-24-839/\",\"source\":\"zdi-disclosures@trendmicro.com\"}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.