CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-31462

Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.7%

CVSS Severity

CVSS v3 Score 9.3

CVSS v2 Score 5.4

References

https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/
https://resources.owllabs.com/blog/owl-labs-update
https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf
https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/
https://resources.owllabs.com/blog/owl-labs-update
https://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf

Products affected by CVE-2022-31462

Owllabs » Meeting Owl Pro » Version: N/A

cpe:2.3:h:owllabs:meeting_owl_pro:-
Owllabs » Meeting Owl Pro Firmware » Version: 5.2.0.15

cpe:2.3:o:owllabs:meeting_owl_pro_firmware:5.2.0.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31462

Products

Pricing

Contact Us