CVE-2023-1385
Vulnerability Description
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services.
This issue affects:
Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.
Insignia TV with FireOS 7.6.3.3.
This issue affects:
Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.
Insignia TV with FireOS 7.6.3.3.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!