Vulnerability Description
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat) or user discomfort.
CVSS Score
3.3 (LOW)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lixil | My Satis Genius Toilet | - |
References
- http://arstechnica.com/security/2013/08/holy-sht-smart-toilet-hack-attack/
- http://packetstormsecurity.com/files/122655/LIXIL-Satis-Toilet-Hard-Coded-Blueto
- http://seclists.org/fulldisclosure/2013/Aug/18
- http://www.huffingtonpost.co.uk/2013/08/05/smart-toilet-could-attackmy-satis_n_3
- http://www.independent.co.uk/life-style/gadgets-and-tech/features/now-even-toile
- https://www.trustwave.com/spiderlabs/advisories/TWSL2013-020.txt
FAQ
What is CVE-2013-4866?
CVE-2013-4866 is a vulnerability with a CVSS score of 3.3 (LOW). The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat)...
How severe is CVE-2013-4866?
CVE-2013-4866 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4866?
Check the references section above for vendor advisories and patch information. Affected products include: Lixil My Satis Genius Toilet.