← Back

CVE-2016-5056

nvd nist
Published: Apr 10, 2017Modified: May 13, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.

Affected (1)

Products: Osram: Lightify Pro
Osram
1 product
Lightify Pro
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Lightify Pro
Up to -

Related CWEs

CWE-326
Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (2)

Source: cret@cert.org
ExploitMitigationTechnical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMitigationTechnical DescriptionThird Party Advisory

Timeline

No history available yet.