Medium severity6.8NVD Advisory· Published Aug 27, 2018· Updated Jun 17, 2026
CVE-2018-3927
CVE-2018-3927
Description
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to the exposure of sensitive data. An attacker can impersonate the remote backtrace.io server in order to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: Firmware version 0.20.17
- Range: Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2018-0594nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.