CVE-2016-6543

A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data

EPSS 2.2%CWE-799

A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.

Produtos afetados

iTrack · Easy

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/https://www.kb.cert.org/vuls/id/974055 http://www.securityfocus.com/bid/93875