Vulnerability Details CVE-2022-31459
Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.0%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 3.3
References
- https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/
- https://resources.owllabs.com/blog/owl-labs-update
- https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
- https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/
- https://resources.owllabs.com/blog/owl-labs-update
- https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
Products affected by CVE-2022-31459
-
cpe:2.3:h:owllabs:meeting_owl_pro:-
-
cpe:2.3:o:owllabs:meeting_owl_pro_firmware:5.2.0.15