Security Advisory

CVE-2023-1385

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-03 12:33:31

Last updated 2025-01-30 15:00:50

Assigner Bitdefender

State PUBLISHED

Description

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3.

← Browse all CVEs View on cve.org ↗