CVE-2017-16867
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) attackers to freeze a camera and enter a house if a delivery driver failed to ensure a locked door before leaving.
Amazon Key hasta el 16/11/2017 gestiona de manera incorrecta las tramas de desautenticación de 802.11 de Cloud Cam durante el proceso de entrega, lo que hace que tengan más facilidad (1) los repartidores para congelar una cámara y volver a entrar en una casa para realizar actividades sin que las cámaras graben o (2) los atacantes para congelar una cámara y entrar en una casa si el repartidor no se asegura de que la puerta está bien cerrada antes de marcharse.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-16 CVE Reserved
- 2017-11-16 CVE Published
- 2023-10-27 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101899 | Third Party Advisory | |
| https://www.engadget.com/2017/11/16/amazon-key-hack-cloud-cam | Issue Tracking | |
| https://www.theverge.com/2017/11/16/16665064/amazon-key-camera-disable | Issue Tracking | |
| https://www.wired.com/story/amazon-key-flaw-let-deliverymen-disable-your-camera | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Amazon Search vendor "Amazon" | Amazon Key Firmware Search vendor "Amazon" for product "Amazon Key Firmware" | <= 2017-11-16 Search vendor "Amazon" for product "Amazon Key Firmware" and version " <= 2017-11-16" | - |
Affected
| in | Amazon Search vendor "Amazon" | Amazon Key Search vendor "Amazon" for product "Amazon Key" | - | - |
Safe
|