Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number and password) to listen to a device's surroundings via a callback in an SMS command, as demonstrated by the 123456 and 523681 default passwords.
Threat-Mapped Scoring
Score: 3.0
Priority: P2 - Serious (High)
S1 – Steal Customer Account Information
EPSS
Score: 0.00304
Percentile: 0.53196
CVSS Scoring
CVSS v3.1 Score: 8.1
Severity: HIGH
Mapped CWE(s)
CWE-1188: Initialization of a Resource with an Insecure Default
CWE-319: Cleartext Transmission of Sensitive Information
All CAPEC(s)
CAPEC-102: Session Sidejacking
CAPEC-117: Interception
CAPEC-383: Harvesting Information via API Event Monitoring
CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
CAPEC-65: Sniff Application Code
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
CAPEC(s) with Mapped TTPs
CAPEC-383: Harvesting Information via API Event Monitoring
Mapped TTPs: