
CVSS: 7.6 | EPSS: 0% | CPEs: 3 | EXPL: 3

Amazon Alexa software version 8960323972 on Echo Dot 2nd and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz (often outside the range of adult human hearing). Commands at these frequencies are essentially never spoken by authorized actors, yet a substantial fraction of them are accepted and executed by the device.
References: https://arxiv.org/abs/2305.10358 • https://cios2023.org/papers • https://github.com/reveondivad/nuance • https://sites.google.com/view/nuitattack/home • https://www.usenix.org/system/files/sec23fall-prepub-261-xia-qi.pdf • https://youtu.be/3gEc5ZFWIWo
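The entry's observation that authorized users never speak in the 16-22 kHz band suggests a simple gate in front of the recognizer: compare the energy in that band with the energy in the speech band and refuse frames dominated by near-ultrasound. The following is an added illustration of that gate, not code from the cited paper, its repository, or Amazon. It assumes a 48 kHz capture path (so the band is below Nyquist), assumed speech-band limits of 80 Hz to 8 kHz, a naive DFT over 10 ms frames, and constructed test frames built from a few sinusoids.

```python
import cmath
import math

SAMPLE_RATE = 48000             # Hz; assumed sample rate of the capture path
FRAME = 480                     # 10 ms frame -> 100 Hz bin spacing, so test tones sit on exact bins
SPEECH_BAND = (80.0, 8000.0)    # assumed bounds of where spoken-command energy lives
NUIT_BAND = (16000.0, 22000.0)  # the 16-22 kHz band named in the entry above


def synth(components, n=FRAME, rate=SAMPLE_RATE):
    """Constructed test signal: a sum of sinusoids given as (frequency_hz, amplitude)."""
    return [sum(a * math.sin(2 * math.pi * f * i / rate) for f, a in components)
            for i in range(n)]


def band_power(samples, lo_hz, hi_hz, rate=SAMPLE_RATE):
    """Sum of |X[k]|^2 over DFT bins whose centre frequency lies in [lo_hz, hi_hz] (naive DFT)."""
    n = len(samples)
    total = 0.0
    for k in range(n // 2 + 1):
        f = k * rate / n
        if lo_hz <= f <= hi_hz:
            x = sum(s * cmath.exp(-2j * math.pi * k * i / n) for i, s in enumerate(samples))
            total += abs(x) ** 2
    return total


def classify_frame(samples, ratio_threshold=10.0):
    """'near_ultrasonic' when the 16-22 kHz band carries more than ratio_threshold times
    the speech-band power; the threshold is an assumed tuning value."""
    speech = band_power(samples, *SPEECH_BAND)
    nuit = band_power(samples, *NUIT_BAND)
    return "near_ultrasonic" if nuit > ratio_threshold * max(speech, 1e-9) else "speech_band"


# Constructed frames: a normal spoken command (energy at 300 Hz and 2.4 kHz, nothing above
# 16 kHz) and a near-ultrasonic frame (energy at 18 kHz and 20 kHz, only faint noise below).
SPOKEN_FRAME = synth([(300.0, 0.5), (2400.0, 0.2)])
NUIT_FRAME = synth([(18000.0, 0.5), (20000.0, 0.3), (300.0, 0.005)])

if __name__ == "__main__":
    for name, frame in (("spoken", SPOKEN_FRAME), ("nuit", NUIT_FRAME)):
        print(name, classify_frame(frame))
```

Two caveats follow from the construction. The gate only sees the band if the microphone path keeps it: a front end that already resamples to 16 kHz for the recognizer has discarded everything above 8 kHz before any such check could run, so it must sit on the raw capture. And an attacker who mixes audible filler with the near-ultrasonic command can push the ratio below the threshold, so this is a cheap filter for the stated case, not a complete defense.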

CVSS: 9.8 | EPSS: 0% | CPEs: 3 | EXPL: 1

Improper neutralization of audio output from 3rd and 4th generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (for remote attackers) or by pairing a malicious Bluetooth device (for physically proximate attackers), aka an "Alexa versus Alexa (AvA)" attack. The device does not distinguish its own speaker output from a user's voice, so any audio the attacker can make the Echo play, whether from a skill or streamed over Bluetooth, is accepted as a command.
References: https://arxiv.org/abs/2202.08619

CVSS: 4.2 | EPSS: 0% | CPEs: 2 | EXPL: 0

Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers who have physical access to a device after a factory reset to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations.
References: https://arstechnica.com/gadgets/2021/07/passwords-in-amazon-echo-dots-live-on-even-after-you-factory-reset-them • https://dl.acm.org/doi/pdf/10.1145/3448300.3467820 • https://news.ycombinator.com/item?id=27943730 • https://www.cpomagazine.com/data-privacy/is-it-possible-to-make-iot-devices-private-amazon-echo-dot-does-not-wipe-personal-content-after-factory-reset

CVSS: 4.3 | EPSS: 0% | CPEs: 10 | EXPL: 1

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt and then wait an additional 8 seconds for input; if the user still does not respond, the microphone is turned off. The vulnerability combines three ingredients: empty output-speech reprompts (the microphone re-opens with nothing audible to signal it), custom wildcard ("gibberish") input slots (so nearly any utterance matches an intent), and logging of the detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously.
References: https://info.checkmarx.com/hubfs/Amazon_Echo_Research.pdf • https://www.checkmarx.com/2018/04/25/eavesdropping-with-amazon-alexa • https://www.wired.com/story/amazon-echo-alexa-skill-spying • https://www.yahoo.com/news/amazon-alexa-bug-let-hackers-104609600.html
CWE-384: Session Fixation
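The two skill-side ingredients above (a silent reprompt that keeps the session open, and a catch-all slot) are both visible in artifacts a skill reviewer can inspect statically: the response JSON a skill returns and its interaction model. The following audit is an added example, not Amazon's certification check or the Checkmarx tooling. It relies on the documented shape of an Alexa skill response (`response.outputSpeech`, `response.reprompt.outputSpeech`, `response.shouldEndSession`, with `PlainText`/`text` or `SSML`/`ssml` speech objects) and of an interaction model (`interactionModel.languageModel.intents[].samples` and `.types[]`); the sample documents are constructed, and the rule that a sample utterance consisting of a bare custom-slot placeholder behaves as a catch-all is an assumption stated in the code.

```python
import json
import re

# Constructed sample: the skill speaks a normal answer, then reprompts with SSML that is
# nothing but a pause, while keeping the session open. The user hears silence, but the
# microphone re-opens for the second 8-second window described in the entry above.
SILENT_REPROMPT_RESPONSE = json.dumps({
    "version": "1.0",
    "response": {
        "outputSpeech": {"type": "PlainText", "text": "Here is your horoscope."},
        "reprompt": {"outputSpeech": {"type": "SSML",
                                      "ssml": "<speak><break time=\"7s\"/></speak>"}},
        "shouldEndSession": False,
    },
})

# Constructed sample: a benign response that ends the session.
BENIGN_RESPONSE = json.dumps({
    "version": "1.0",
    "response": {
        "outputSpeech": {"type": "PlainText", "text": "Goodbye."},
        "shouldEndSession": True,
    },
})

# Constructed interaction model: CaptureIntent matches a bare custom slot, so nearly any
# sentence spoken near the device is routed to the skill as slot text.
CATCH_ALL_MODEL = {
    "interactionModel": {"languageModel": {
        "invocationName": "daily horoscope",
        "intents": [
            {"name": "HoroscopeIntent", "slots": [], "samples": ["give me my horoscope"]},
            {"name": "CaptureIntent",
             "slots": [{"name": "anything", "type": "ANYTHING_TYPE"}],
             "samples": ["{anything}"]},
        ],
        "types": [{"name": "ANYTHING_TYPE",
                   "values": [{"name": {"value": "blah"}}, {"name": {"value": "okay"}}]}],
    }}
}

SSML_TAG = re.compile(r"<[^>]+>")


def spoken_text(output_speech):
    """Audible text of an outputSpeech object; SSML containing only tags and whitespace
    (e.g. a lone <break/>) counts as silence."""
    if not output_speech:
        return ""
    if output_speech.get("type") == "SSML":
        return SSML_TAG.sub("", output_speech.get("ssml", "")).strip()
    return (output_speech.get("text") or "").strip()


def audit_response(raw):
    """Findings for one skill response document (JSON text)."""
    resp = json.loads(raw).get("response", {})
    findings = []
    if resp.get("shouldEndSession", False):
        return findings                       # session ends; the microphone is not re-opened
    reprompt = resp.get("reprompt")
    if reprompt is not None and spoken_text(reprompt.get("outputSpeech")) == "":
        findings.append("silent-reprompt: session kept open with nothing audible said")
    return findings


def audit_interaction_model(model):
    """Findings for an interaction model. Assumption: a sample utterance that is only a
    custom-slot placeholder, like "{anything}", acts as a wildcard for arbitrary speech."""
    findings = []
    lm = model["interactionModel"]["languageModel"]
    custom_types = {t["name"] for t in lm.get("types", [])}
    for intent in lm.get("intents", []):
        slot_types = {s["name"]: s["type"] for s in intent.get("slots", [])}
        for utt in intent.get("samples", []):
            m = re.fullmatch(r"\{(\w+)\}", utt.strip())
            if m and slot_types.get(m.group(1)) in custom_types:
                findings.append(f"catch-all-utterance: {intent['name']} accepts bare {{{m.group(1)}}}")
    return findings


if __name__ == "__main__":
    print(audit_response(SILENT_REPROMPT_RESPONSE))
    print(audit_response(BENIGN_RESPONSE))
    print(audit_interaction_model(CATCH_ALL_MODEL))
```

Either finding alone is common in legitimate skills (a free-text search intent, a deliberately short reprompt), so the audit is most useful as a pair: a skill that both keeps the session open on a silent reprompt and routes arbitrary speech into a custom slot is the shape the entry describes. The third ingredient, what the skill's backend does with the slot text, is not visible in these artifacts and has to be checked in the skill's code or traffic.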