CVE-2016-6543

A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data

EPSS 2.2%CWE-799

A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.

Productos afectados

iTrack · Easy

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/https://www.kb.cert.org/vuls/id/974055 http://www.securityfocus.com/bid/93875