CVE-2020-11917

Name of the Vulnerable Software and Affected Versions Siime Eye version 14.1.00000001.3.330.0.0.3.14

Description An issue was discovered in Siime Eye, which uses a default SSID value. This makes it easier for remote attackers to discover the physical locations of many Siime Eye devices, violating the privacy of users who do not wish to disclose their ownership of this type of device. Various resources, such as wigle.net, can be used for mapping SSIDs to physical locations.

Recommendations To resolve the issue, update the Siime Eye device to the latest firmware and apply all recommended security patches. Ensure that the device is configured to use a unique SSID value instead of the default one. As a temporary workaround, consider disabling the device's wireless functionality until a patch is available. Restrict access to the device's network to minimize the risk of exploitation. Avoid using resources like wigle.net to map SSIDs to physical locations until the issue is resolved.

Note: At the moment, there is no information about a newer version that contains a fix for this vulnerability.