CVE-2024-27867

LOW Year: 2024
CVSS v3 Score
3.3
Low
Weakness Type
CWE-287
View all →

Vulnerability Description

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.

Related Vulnerabilities

CVE-2019-20533

LOW
CVSS:3.3(Low)

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (released in China or India) software. The S Secure app can launch masked apps without a password. The Samsung ID is S...

CWE-2872019

CVE-2020-9077

LOW
CVSS:3.3(Low)

HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. The system does not properly authenticate the application that access a specifie...

CWE-2872020

CVE-2020-9250

LOW
CVSS:3.3(Low)

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient veri...

CWE-2872020

CVE-2021-25341

LOW
CVSS:3.3(Low)

Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.

CWE-2872021

CVE-2021-25342

LOW
CVSS:3.3(Low)

Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.

CWE-2872021

CVE-2021-25343

LOW
CVSS:3.3(Low)

Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of...

CWE-2872021