Sign-up

ID

VAR-202009-1665


TITLE

Foshan Electric Lighting Co., Ltd. LED smart bulbs have low energy Bluetooth (BLE) connection vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-46212

DESCRIPTION

The LED smart bulb is a new technology light source, which has the advantages of beauty, fashion, energy saving, environmental protection and safety. It can be controlled by smart devices. The LED smart bulb of Foshan Electric Lighting Co., Ltd. has a Bluetooth Low Energy (BLE) connection vulnerability. The attacker sends an abnormal CONNECT_REQ connection request message to the FSL smart bulb BLE Bluetooth, which causes the smart bulb Bluetooth protocol stack to crash, and the power is turned off to recover. .

Trust: 0.6

sources: CNVD: CNVD-2020-46212

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-46212

AFFECTED PRODUCTS

vendor:foshan electric lightingmodel:led smart bulbscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-46212

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-46212
value: HIGH

Trust: 0.6

CNVD: CNVD-2020-46212
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-46212

PATCH

title:FSL lighting LED smart bulb BLE has security loopholesurl:https://www.cnvd.org.cn/patchinfo/show/228247

Trust: 0.6

sources: CNVD: CNVD-2020-46212

EXTERNAL IDS

db:CNVDid:CNVD-2020-46212

Trust: 0.6

sources: CNVD: CNVD-2020-46212

SOURCES

db:CNVDid:CNVD-2020-46212

LAST UPDATE DATE

2022-05-04T10:25:37.361000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-46212date:2020-08-14T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-46212date:2020-09-15T00:00:00