Vulnerability Details CVE-2016-6543
A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.1%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/93875
- https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/
- https://www.kb.cert.org/vuls/id/974055
- http://www.securityfocus.com/bid/93875
- https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/
- https://www.kb.cert.org/vuls/id/974055
Products affected by CVE-2016-6543
-
cpe:2.3:a:ieasytec:itrack_easy:-