CVE-2019-16518

Published: Sep 23, 2019Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

An issue was discovered on Swell Kit Mod devices that use the Vandy Vape platform. An attacker may be able to trigger an unintended temperature in the victim's mouth and throat via Bluetooth Low Energy (BLE) packets that specify large power or voltage values.

Affected (1)

Products: Vandyvape: Swell Kit Mod Firmware

1 product

Swell Kit Mod Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Vandyvape Swell Kit Mod Firmware	Version 2.0.2

Running on/with	Platform Versions
Vandyvape Swell Kit Mod	All versions

Related CWEs

Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References (2)

https://gitlab.com/crypt0crc/cve-2019-16518

Source: cve@mitre.org

ExploitThird Party Advisory

https://gitlab.com/crypt0crc/cve-2019-16518

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.