CVE-2023-49914 — MEDIUM (6.5)

Vulnerability Description

InteraXon Muse 2 devices allow remote attackers to cause a denial of service (incorrect Muse App report of an outstanding, calm meditation state) via a 480 MHz RF carrier that is modulated by a "false" brain wave, aka a Brain-Hack attack. For example, the Muse App does not display the reception of a strong RF carrier, and alert the user that a report may be misleading if this carrier has been modulated by a low-frequency signal.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Choosemuse	Muse 2 Firmware	-
Choosemuse	Muse 2	-

References

https://dl.acm.org/doi/10.1145/3605758.3623497Technical Description
https://scholar.google.com/citations?view_op=view_citation&hl=en&user=8hu27apy8ATechnical Description
https://dl.acm.org/doi/10.1145/3605758.3623497Technical Description
https://scholar.google.com/citations?view_op=view_citation&hl=en&user=8hu27apy8ATechnical Description

FAQ

What is CVE-2023-49914?

CVE-2023-49914 is a vulnerability with a CVSS score of 6.5 (MEDIUM). InteraXon Muse 2 devices allow remote attackers to cause a denial of service (incorrect Muse App report of an outstanding, calm meditation state) via a 480 MHz RF carrier that is modulated by a "false...

How severe is CVE-2023-49914?

CVE-2023-49914 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-49914?

Check the references section above for vendor advisories and patch information. Affected products include: Choosemuse Muse 2 Firmware, Choosemuse Muse 2.