CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1383

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.4%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2023-1383

Amazon » Fire Tv Stick 3rd Gen » Version: N/A

cpe:2.3:h:amazon:fire_tv_stick_3rd_gen:-
Bestbuy » Insignia Tv » Version: N/A

cpe:2.3:h:bestbuy:insignia_tv:-
Amazon » Fire Os » Version: 1

cpe:2.3:o:amazon:fire_os:1
Amazon » Fire Os » Version: 2

cpe:2.3:o:amazon:fire_os:2
Amazon » Fire Os » Version: 3

cpe:2.3:o:amazon:fire_os:3
Amazon » Fire Os » Version: 4

cpe:2.3:o:amazon:fire_os:4
Amazon » Fire Os » Version: 5

cpe:2.3:o:amazon:fire_os:5
Amazon » Fire Os » Version: 5.3.6.3

cpe:2.3:o:amazon:fire_os:5.3.6.3
Amazon » Fire Os » Version: 5.3.6.4

cpe:2.3:o:amazon:fire_os:5.3.6.4
Amazon » Fire Os » Version: 6

cpe:2.3:o:amazon:fire_os:6
Amazon » Fire Os » Version: 6.2.9.5

cpe:2.3:o:amazon:fire_os:6.2.9.5
Amazon » Fire Os » Version: 7

cpe:2.3:o:amazon:fire_os:7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1383

Products

Pricing

Contact Us