Unrated severityNVD Advisory· Published Jan 22, 2020· Updated Aug 5, 2024

CVE-2018-16270

Description

Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.

Affected products

Samsung/Galaxy Gear seriesdescription
Samsung Mobile/Galaxy Gearllm-fuzzy
Range: < build RE2

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Dongsung%20Kim%20and%20Hyoung%20Kee%20Choi%20-%20Updated/DEFCON-26-Dongsung-Kim-and-Hyoung-Kee-Choi-Your-Watch-Can-Watch-You-Updated.pdfmitrex_refsource_MISC
www.youtube.com/watchmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000