Description
Syska Smart Bulb devices through 2017-08-06 receive RGB parameters over cleartext Bluetooth Low Energy (BLE), leading to sniffing, reverse engineering, and replay attacks.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://iayanpahwa.github.io/Reverse-Engineering-IoT-Devices/
Scores
CVSS v3
6.5
EPSS
0.0055
EPSS Percentile
42.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
syska/smartlight_rainbow_led_smart_bulb_firmware
< 2017-08-06
Published
Feb 10, 2020
Tracked Since
Feb 18, 2026