ГлавнаяУязвимости → CVE-2023-6324
8.1высокая

CVE-2023-6324

→ есть в БДУ: BDU:2024-05594 (на русском)
Описание (на английском; русское — в БДУ выше)

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity

Затрагиваемое ПО
Wyze Cam v3 firmwareWyze Cam v3Roku Indoor camera se firmwareRoku Indoor camera seOwletcare Cam firmwareOwletcare CamOwletcare Cam 2 firmwareOwletcare Cam 2Throughtek Kalay platform
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Источники
https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/