Vulnerability in Owletcare Cam
CVE-2023-6324
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
EPSS: 0.007 (49.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.
Affected products
- Owletcare Cam
- Owletcare Cam_2
- Owletcare Cam_2_firmware
- Owletcare Cam_firmware
- Roku Indoor_camera_se
- Roku Indoor_camera_se_firmware — versions 3.0.2.4679
- Throughtek Kalay_platform
- Throughtek Kalay Sdk — versions 3.1.10.0, 3.2.0.0, 3.4.0.0
- Wyze Cam_v3
- Wyze Cam_v3_firmware — versions 4.36.11.5859
Weakness classification (CWE)
References
- cve-requests@bitdefender.com (Exploit, Third Party Advisory)
Frequently asked questions
- What is CVE-2023-6324?
- CVE-2023-6324 is a high-severity vulnerability in Owletcare Cam, classified under CWE-457. CVSS score: 8.1/10. Published 2024-05-15.
- How severe is CVE-2023-6324?
- High severity. CVSS v3 base score is 8.1 out of 10.