Sign-up

ID

VAR-201909-0718


CVE

CVE-2019-16518


TITLE

Swell Kit Mod Vulnerability in leaking resources to the wrong area in devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-009562

DESCRIPTION

An issue was discovered on Swell Kit Mod devices that use the Vandy Vape platform. An attacker may be able to trigger an unintended temperature in the victim's mouth and throat via Bluetooth Low Energy (BLE) packets that specify large power or voltage values. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

Trust: 1.71

sources: NVD: CVE-2019-16518 // JVNDB: JVNDB-2019-009562 // VULHUB: VHN-148672

AFFECTED PRODUCTS

vendor:vandyvapemodel:swell kit modscope:eqversion:2.0.2

Trust: 1.6

vendor:vandyvapemodel:swell kit modscope: - version: -

Trust: 0.8

vendor:vandyvapemodel:swell kit modscope:eqversion: -

Trust: 0.6

sources: JVNDB: JVNDB-2019-009562 // CNNVD: CNNVD-201909-1056 // NVD: CVE-2019-16518

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-16518
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-16518
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201909-1056
value: MEDIUM

Trust: 0.6

VULHUB: VHN-148672
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-16518
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-148672
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-16518
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2019-16518
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-148672 // JVNDB: JVNDB-2019-009562 // CNNVD: CNNVD-201909-1056 // NVD: CVE-2019-16518

PROBLEMTYPE DATA

problemtype:CWE-668

Trust: 1.9

sources: VULHUB: VHN-148672 // JVNDB: JVNDB-2019-009562 // NVD: CVE-2019-16518

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201909-1056

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201909-1056

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-009562

PATCH
title:Top Pageurl:http://www.vandyvape.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-009562

EXTERNAL IDS
db:NVDid:CVE-2019-16518
Trust: 2.5
db:JVNDBid:JVNDB-2019-009562
Trust: 0.8
db:CNNVDid:CNNVD-201909-1056
Trust: 0.7
db:VULHUBid:VHN-148672
Trust: 0.1
sources:
            
            
            VULHUB: VHN-148672 // 
            
            
            
            JVNDB: JVNDB-2019-009562 // 
            
            
            
            CNNVD: CNNVD-201909-1056 // 
            
            
            
            NVD: CVE-2019-16518

REFERENCES
url:https://gitlab.com/crypt0crc/cve-2019-16518
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2019-16518
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16518
Trust: 0.8
sources:
            
            
            VULHUB: VHN-148672 // 
            
            
            
            JVNDB: JVNDB-2019-009562 // 
            
            
            
            CNNVD: CNNVD-201909-1056 // 
            
            
            
            NVD: CVE-2019-16518

SOURCES
db:VULHUBid:VHN-148672
db:JVNDBid:JVNDB-2019-009562
db:CNNVDid:CNNVD-201909-1056
db:NVDid:CVE-2019-16518

LAST UPDATE DATE
2024-11-23T22:44:53.747000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-148672date:2019-09-23T00:00:00
db:JVNDBid:JVNDB-2019-009562date:2019-09-25T00:00:00
db:CNNVDid:CNNVD-201909-1056date:2019-09-30T00:00:00
db:NVDid:CVE-2019-16518date:2024-11-21T04:30:44.913

SOURCES RELEASE DATE
db:VULHUBid:VHN-148672date:2019-09-23T00:00:00
db:JVNDBid:JVNDB-2019-009562date:2019-09-25T00:00:00
db:CNNVDid:CNNVD-201909-1056date:2019-09-23T00:00:00
db:NVDid:CVE-2019-16518date:2019-09-23T15:15:10.810