| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed. |
| In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed. |
| In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed. |
| In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed. |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| In Gallery service, there is a missing permission check. This could lead to local denial of service in Gallery service with no additional execution privileges needed. |
| In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness level. After this attack, all lights are on with full brightness, and a user cannot control the bulbs with either the IKEA Home Smart app or the TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score 7.1 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
| The HISP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause unauthorized access to the HISP module. |
| The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. |
| The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality. |
| The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. |
| The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution. |
| The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked. |
| The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage. |
| The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions. |
| The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data. |
| In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed. |
| In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel. |
