Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (in the case of physically proximate attackers), aka an "Alexa versus Alexa (AvA)" attack.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAmazon Echo Dot
HWAmazon3.04.0Amazon Echo Dot Firmware
OSAmazonwszystkie wersje
Powiązane podatności
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially all...
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device aft...
Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The...
Nieprawidłowa walidacja certyfikatów w Amazon Athena ODBC Driver — atak MITM
Niewystarczające zabezpieczenia uwierzytelniania w Amazon Athena ODBC Driver