PT-2020-8191 · Syska · Syska Smart Bulb

Published: 2020-02-10 · Updated: 2020-02-12 · CVE-2017-18642

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Syska Smart Bulb devices through 2017-08-06
Description: The device receives RGB parameters over cleartext Bluetooth Low Energy (BLE), which allows sniffing, reverse engineering, and replay attacks.
Recommendations: For Syska Smart Bulb devices through 2017-08-06, consider disabling Bluetooth Low Energy (BLE) connectivity until a secure method of parameter transmission is implemented. Restrict access to the BLE interface to minimize the risk of exploitation. Avoid using the RGB parameters in the affected BLE communication until the issue is resolved.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2017-18642

Affected Products

Syska Smart Bulb