PT-2018-14273 · Saga · Saga1-L8B

Federico Maggi

+6

·

Published

2018-10-24

·

Updated

2020-09-18

·

CVE-2018-17921

CVSS v3.1

8.8

High

VectorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SAGA1-L8B versions prior to A0.10
Description The issue allows an attacker to force-pair the device without human interaction, potentially leading to remote code execution.
Recommendations For versions prior to A0.10, update the firmware to version A0.10 or later to resolve the issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2018-17921
ZDI-18-1317

Affected Products

Saga1-L8B