mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.1 KiB
1.1 KiB
CVE-2023-1385
Description
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services.This issue affects:Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.Insignia TV with FireOS 7.6.3.3.
POC
Reference
Github
No PoCs found on GitHub currently.