CVE-2019-5014

An exploitable improper access control vulnerability exists in the bluetooth low energy functionality of Winco Fireworks FireFly FW-1007 V2.0. An attacker can connect to the device to trigger this vulnerability.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:wincofireworks:fw-1007_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:h:wincofireworks:fw-1007:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:44

Type Values Removed Values Added
References () https://talosintelligence.com/vulnerability_reports/TALOS-2019-0772 - Third Party Advisory () https://talosintelligence.com/vulnerability_reports/TALOS-2019-0772 - Third Party Advisory

Information

Published : 2019-05-08 17:29

Updated : 2024-11-21 04:44


NVD link : CVE-2019-5014

Mitre link : CVE-2019-5014

CVE.ORG link : CVE-2019-5014


JSON object : View

Products Affected

wincofireworks

  • fw-1007
  • fw-1007_firmware
CWE
CWE-284

Improper Access Control

CWE-306

Missing Authentication for Critical Function