CVE-2019-9483

critical

Description

Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.

References

Advisories

https://www.theverge.com/2019/2/27/18243296/ring-doorbell-hacked-fake-images-security-experts

https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/

Details

Source: Mitre, NVD

Published: 2019-03-01

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00077

Detections

Analytics