CVE-2020-11917
MEDIUMSiime Eye 14.1.00000001.3.330.0.0.3.14 - Privacy Violation via Default SSID
Title source: llmDescription
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye devices, violating the privacy of users who do not wish to disclose their ownership of this type of device. (Various resources such as wigle.net can be use for mapping of SSIDs to physical locations.)
References (2)
Core 2
Core References
Exploit, Mailing List, Third Party Advisory mailing-list
https://seclists.org/fulldisclosure/2024/Jul/14
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/14
Scores
CVSS v3
4.3
EPSS
0.0055
EPSS Percentile
41.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1188
Status
published
Products (1)
svakom/svakom_siime_eye_firmware
14.1.00000001.3.330.0.0.3.14
Published
Nov 07, 2024
Tracked Since
Feb 18, 2026