PT-2024-5068 · Roku · Roku Indoor Camera Se

Alexandru Lazar +1 · Published 2024-05-15 · Updated 2024-05-15 · CVE-2023-6323

CVSS v3.1: 6.5 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Kalay SDK versions (affected versions not specified)
Owlet Cam version (affected versions not specified)
Owlet Cam v1
Owlet Cam v2
Wyze Cam v3
Roku Indoor Camera SE
Description: The vulnerability stems from insufficient authentication of received data, which allows an attacker to impersonate an authoritative server and potentially gain unauthorized access to protected information. It can be exploited by a remote attacker.
Recommendations: For Kalay SDK, consider implementing proper message authentication mechanisms to verify the authenticity of received messages until a patch is available. For Owlet Cam v1, Owlet Cam v2, Wyze Cam v3, and Roku Indoor Camera SE, restrict access to sensitive information and consider disabling remote access features until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insufficient Verification of Data Authenticity

Weakness Enumeration

Related Identifiers

BDU:2024-05595
CVE-2023-6323

Affected Products

Roku Indoor Camera Se