CVE-2020-13425

EUVD-2020-5679
TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
thetrackrtrackr_firmware
𝑥
≤ 2020-05-06
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://secretdiary.ninja/index.php/2020/05/06/trackr-users-private-information-exposed/
https://secretdiary.ninja/index.php/2020/05/06/trackr-users-private-information-exposed/