Sign-up

ID

VAR-201805-0454


CVE

CVE-2018-11567


TITLE

Amazon Echo Session fixation vulnerability in devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-005607

DESCRIPTION

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work. ** Unsettled ** This case has not been confirmed as a vulnerability. Amazon Echo The device contains a session fixation vulnerability. The vendor has disputed this vulnerability. For details, see NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2018-11567Information may be obtained

Trust: 1.62

sources: NVD: CVE-2018-11567 // JVNDB: JVNDB-2018-005607

AFFECTED PRODUCTS

vendor:amazonmodel:echo dotscope:ltversion:2018-04-27

Trust: 1.0

vendor:amazonmodel:echo plusscope:ltversion:2018-04-27

Trust: 1.0

vendor:amazonmodel:echo spotscope:ltversion:2018-04-27

Trust: 1.0

vendor:amazonmodel:echoscope:ltversion:2018-04-27

Trust: 1.0

vendor:amazonmodel:echo showscope:ltversion:2018-04-27

Trust: 1.0

vendor:amazon commodel:echo dotscope:eqversion:2018/04/27

Trust: 0.8

vendor:amazon commodel:echo plusscope:eqversion:2018/04/27

Trust: 0.8

vendor:amazon commodel:echo showscope:eqversion:2018/04/27

Trust: 0.8

vendor:amazon commodel:echo spotscope:eqversion:2018/04/27

Trust: 0.8

vendor:amazon commodel:echoscope:eqversion:2018/04/27

Trust: 0.8

sources: JVNDB: JVNDB-2018-005607 // NVD: CVE-2018-11567

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-11567
value: LOW

Trust: 1.0

NVD: CVE-2018-11567
value: LOW

Trust: 0.8

CNNVD: CNNVD-201805-993
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-11567
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2018-11567
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: JVNDB: JVNDB-2018-005607 // CNNVD: CNNVD-201805-993 // NVD: CVE-2018-11567

PROBLEMTYPE DATA

problemtype:CWE-384

Trust: 1.8

sources: JVNDB: JVNDB-2018-005607 // NVD: CVE-2018-11567

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-993

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201805-993

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-005607

PATCH
title:Amazon Echourl:https://www.amazon.com/Amazon-Echo...Alexa.../B00X4WHP5E
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-005607

EXTERNAL IDS
db:NVDid:CVE-2018-11567
Trust: 2.4
db:JVNDBid:JVNDB-2018-005607
Trust: 0.8
db:CNNVDid:CNNVD-201805-993
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-005607 // 
            
            
            
            CNNVD: CNNVD-201805-993 // 
            
            
            
            NVD: CVE-2018-11567

REFERENCES
url:https://www.checkmarx.com/2018/04/25/eavesdropping-with-amazon-alexa/
Trust: 2.4
url:https://info.checkmarx.com/hubfs/amazon_echo_research.pdf
Trust: 2.4
url:https://www.wired.com/story/amazon-echo-alexa-skill-spying/
Trust: 1.6
url:https://www.yahoo.com/news/amazon-alexa-bug-let-hackers-104609600.html
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11567
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-11567
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-005607 // 
            
            
            
            CNNVD: CNNVD-201805-993 // 
            
            
            
            NVD: CVE-2018-11567

SOURCES
db:JVNDBid:JVNDB-2018-005607
db:CNNVDid:CNNVD-201805-993
db:NVDid:CVE-2018-11567

LAST UPDATE DATE
2024-11-23T21:53:10.420000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2018-005607date:2018-07-24T00:00:00
db:CNNVDid:CNNVD-201805-993date:2018-05-31T00:00:00
db:NVDid:CVE-2018-11567date:2024-11-21T03:43:37.953

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2018-005607date:2018-07-24T00:00:00
db:CNNVDid:CNNVD-201805-993date:2018-05-31T00:00:00
db:NVDid:CVE-2018-11567date:2018-05-30T22:29:00.243