Vulnerability Details CVE-2018-20161
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the Wi-Fi network. (Access to live video from the app also becomes unavailable.)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.3
Products affected by CVE-2018-20161
-
cpe:2.3:a:blinkforhome:sync_module:2.10.4