PT-2020-14791 · Temi · Temi Robox Os+1
Published
2020-08-11
·
Updated
2023-05-15
·
CVE-2020-16170
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
temi Robox OS versions prior to 120
temi Android app versions up to 1.3.7931
Description
The issue allows remote attackers to listen in on ongoing calls between temi robots and their users if they can brute-force or guess a six-digit value. This is due to the use of hard-coded credentials in the affected software.
Recommendations
For temi Robox OS versions prior to 120, update to version 120 or later.
For temi Android app versions up to 1.3.7931, update to a version later than 1.3.7931.
Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Temi Android App
Temi Robox Os