================================================================ Samsung softap weak random generated password (This affects SmartTV and Printers) ================================================================ Information ********************** Vulnerability Type : Weak password Vulnerable Version : many Severity: Medium Author – Augusto Pereyra CVE-ID: CVE-2015-5729 (waiting) Twitter: @aedpereyra Description *********************** Samsung SoftAP WPA2-PSK weak password randomly generated. It’s possible intersept wpa2-psk handshake and crack the password using aircrack in a few hours Detailed description ************************** http://ift.tt/1PdV1GQ Severity Level: ========================================================= Medium Description: ========================================================== Vulnerable Product: [+] Samsung Smartvs with wifi included (Some of this firmware could be in process) ModelFirmware patchedX10P EUT-MST10PDEUCB-1210.0X10P UST-MST10PAUSCB-1300.0X10P UST-MST10PAUSCP-1302.0X10P IBRT-MST10PIBRCB-1104.0X12 EUT-MST12DEUCB-1111.4X12 UST-MST12AKUCB-1114.0X14H EUT-MST14DEUCB-1023.0X14H UST-MST14AKUCB-1100.4X14H CNT-MST14DCNCB-1010.0X14J CNT-MS14JDCNCB-1004.2X14J UST-MS14JAKUCB - 1102.5X14J EUT-MS14JDEUCB-1018.0NT14U EUT-NT14UDEUCB-1007.1NT14U UST-NT14UAKUCB-1008.0NT14U CNT-NT14UDCNCB-1003.1 [+] May be all printers Xpress series. Confirmed on M288OFW Vulnerable Parameter(s): [+] WPA2 password Advisory Timeline ************************ 20-Jul-2015- Reported 27-Jul-2015- Vendor Response 02-Dec-2015- Vendor Fixed some models 17-Dec-2015- Public disclosed Fixed Version: ***************** All version could be fixed if you read the workaround described in "Detailed Description" Reference ***************** http://ift.tt/1TUzySD http://ift.tt/1PdV1GQ
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment