{ "id": "CVE-2018-16270", "sourceIdentifier": "cve@mitre.org", "published": "2020-01-22T14:15:11.213", "lastModified": "2024-11-21T03:52:25.633", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path." }, { "lang": "es", "value": "La serie Samsung Galaxy Gear versiones anteriores al build RE2, incluye la utilidad hcidump sin restricci\u00f3n de privilegios o permisos. Esto permite a un proceso no privilegiado descargar paquetes Bluetooth HCI en una ruta de archivo arbitraria." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-269" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:galaxy_gear_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "823D208B-3316-42CD-BFAD-F680B2CE04CA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:galaxy_gear:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B033BF3-3C56-4B7A-92B5-8D1024EB36EE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_2_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "3ACF61B2-D169-4423-9A54-BA0C73BAAA95" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "A58D5FF1-9573-4059-9C38-4C6B45812896" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_live_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "94B31103-12C7-460E-B0F0-86D1B036D067" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_live:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1E260EE-D0E5-4506-862E-367D72767A5B" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_s_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "42163099-D8E7-4509-A9B0-ABCA3260E963" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_s:-:*:*:*:*:*:*:*", "matchCriteriaId": "15C8050C-4FFB-4CE9-AC2E-927C43D0A5ED" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_s2_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "77C40433-B8BC-4829-B7C5-2EEA66C7827F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_s2:-:*:*:*:*:*:*:*", "matchCriteriaId": "80E04318-D715-4263-A869-C9203EB7CE75" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_s3_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "A52BB0AA-9EFC-4CC8-AD81-777D63C8E26B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_s3:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB6F5890-C7A5-45B2-BADE-118B53BE2667" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_sport_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "062AEA64-280B-4A80-9E9F-A65225D7A7E9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_sport:-:*:*:*:*:*:*:*", "matchCriteriaId": "B4D21008-B7FC-4E40-8817-B96A045DB122" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_fit_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "3F03DF2D-7C51-4633-918E-58B0A5601954" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_fit:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BA573D2-AF1C-4763-9244-95F5104177E2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_fit_2_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "826565B1-E201-4EF4-B9FD-6D34962188F2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_fit_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A2D9849-D057-41ED-AA8A-D692135B4DC2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:gear_fit_2_pro_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "re2", "matchCriteriaId": "73864A48-39CC-4196-B18C-AB079D554709" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:gear_fit_2_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E06C7B-5870-4D08-8D48-43EC469A579B" } ] } ] } ], "references": [ { "url": "https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Dongsung%20Kim%20and%20Hyoung%20Kee%20Choi%20-%20Updated/DEFCON-26-Dongsung-Kim-and-Hyoung-Kee-Choi-Your-Watch-Can-Watch-You-Updated.pdf", "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ] }, { "url": "https://www.youtube.com/watch?v=3IdgBwbOT-g&feature=youtu.be", "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ] }, { "url": "https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Dongsung%20Kim%20and%20Hyoung%20Kee%20Choi%20-%20Updated/DEFCON-26-Dongsung-Kim-and-Hyoung-Kee-Choi-Your-Watch-Can-Watch-You-Updated.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ] }, { "url": "https://www.youtube.com/watch?v=3IdgBwbOT-g&feature=youtu.be", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ] } ] }