← back
CVE-2022-31462

CVE-2022-31462

CVSS 9.3 CRITICALEPSS 0.8%
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data.
CVSS:3.1/AC:L/AV:A/A:N/C:H/I:H/PR:N/S:C/UI:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://arstechnica.com/information-technology/2022/06/vulnerabilities-in-meeting-owl-videoconference-device-imperil-100k-users/https://resources.owllabs.com/blog/owl-labs-updatehttps://www.modzero.com/static/meetingowl/Meeting_Owl_Pro_Security_Disclosure_Report_RELEASE.pdf