// For flags

CVE-2021-38543

 

Severity Score

5.9
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We assume that the USB splitter supplies power to some speakers. The power indicator LED of the USB splitter is connected directly to the power line, as a result, the intensity of the USB splitter's power indicator LED is correlative to its power consumption. The sound played by the connected speakers affects the USB splitter's power consumption and as a result is also correlative to the light intensity of the LED. By analyzing measurements obtained from an electro-optical sensor directed at the power indicator LED of the USB splitter, we can recover the sound played by the connected speakers.

Los dispositivos splitter USB TP-Link UE330 hasta 09-08-2021, en determinados casos de uso en los que el dispositivo suministra energía a equipos de salida de audio, permiten a atacantes remotos recuperar las señales de voz de un LED del dispositivo, por medio de un telescopio y un sensor electro-óptico, también se conoce como un ataque "Glowworm". Suponemos que el divisor USB suministra energía a unos altavoces. El LED indicador de potencia del divisor USB está conectado directamente a la línea de alimentación, por lo que la intensidad del LED indicador de potencia del divisor USB es correlativa a su consumo de energía. El sonido reproducido por los altavoces conectados afecta al consumo de energía del divisor USB y, en consecuencia, también es correlativo a la intensidad luminosa del LED. Al analizar las medidas obtenidas por un sensor electro-óptico dirigido al LED indicador de potencia del splitter USB, podemos recuperar el sonido reproducido por los altavoces conectados

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-08-11 CVE Reserved
  • 2021-08-11 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • 2024-08-14 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (1)
URL Tag Source
URL Date SRC
https://www.nassiben.com/glowworm-attack 2024-08-04
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tp-link
Search vendor "Tp-link"
 Ue330 Firmware
Search vendor "Tp-link" for product "Ue330 Firmware"
 <= 2021-08-09
Search vendor "Tp-link" for product "Ue330 Firmware" and version " <= 2021-08-09"
-
Affected
in Tp-link
Search vendor "Tp-link"
 Ue330
Search vendor "Tp-link" for product "Ue330"
--
Safe