Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.2
CVSSv3

CVE-2021-37436

Published: 24/07/2021 Updated: 09/08/2021
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 4.2 | Impact Score: 3.6 | Exploitability Score: 0.5
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

amazon echo_dot_firmware

References

NVD-CWE-noinfohttps://arstechnica.com/gadgets/2021/07/passwords-in-amazon-echo-dots-live-on-even-after-you-factory-reset-them/https://dl.acm.org/doi/pdf/10.1145/3448300.3467820https://www.cpomagazine.com/data-privacy/is-it-possible-to-make-iot-devices-private-amazon-echo-dot-does-not-wipe-personal-content-after-factory-reset/https://news.ycombinator.com/item?id=27943730https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camerabypassCVE-2024-3592CVE-2024-37383CVE-2024-24919CVE-2024-27822CVE-2024-36788CVE-2024-36789man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook