Vulnerability Description
The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Nt14U Firmware | t-nt14uakucb-1008.0 |
| Samsung | Nt14U Us | - |
| Samsung | X14J Firmware | t-ms14jakucb-1102.5 |
| Samsung | X14J Us | - |
| Samsung | X14H Firmware | t-mst14dcncb-1010.0 |
| Samsung | X14H Cn | - |
| Samsung | X12 Firmware | t-mst12akucb-1114.0 |
| Samsung | X12 Us | - |
| Samsung | X10P Firmware | t-mst10pibrcb-1104.0 |
| Samsung | X10P Ibr | - |
| Samsung | Nt14U Eu | - |
| Samsung | Nt14U Cn | - |
| Samsung | X14J Eu | - |
| Samsung | X14J Cn | - |
| Samsung | X14H Us | - |
| Samsung | X14H Eu | - |
| Samsung | X12 Eu | - |
| Samsung | X10P Us | - |
| Samsung | X10P Eu | - |
| Samsung | M288Ofw Firmware | - |
Related Weaknesses (CWE)
References
- http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.ExploitTechnical DescriptionThird Party Advisory
- http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.htmlExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2015/Dec/79Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/79675Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1034503Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1034504Third Party AdvisoryVDB Entry
- http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.ExploitTechnical DescriptionThird Party Advisory
- http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.htmlExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2015/Dec/79Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/79675Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1034503Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1034504Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-5729?
CVE-2015-5729 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain s...
How severe is CVE-2015-5729?
CVE-2015-5729 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-5729?
Check the references section above for vendor advisories and patch information. Affected products include: Samsung Nt14U Firmware, Samsung Nt14U Us, Samsung X14J Firmware, Samsung X14J Us, Samsung X14H Firmware.