4.3
CVSSv2

CVE-2017-8866

Published: 11/12/2017 Updated: 04/01/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote malicious user to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

cognitoys stemosaur_firmware