← Back

Smart Ai Speaker Firmware

smart_ai_speaker_firmware

Vendor: Yeelight • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-20007
1Yeelight
1Smart Ai Speaker Firmware
Nov 21, 2024
May 16, 2019
N/A· v4
6.8 MEDIUM· v3
7.2 HIGH· v2
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-F...Show more
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-Fi credentials in a log file, or access other sensitive device and user information.Show less