Skip to main content

Pebble Firmware

2 CVEs product

Monthly

CVE-2021-38546 MEDIUM POC This Month

CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Pebble V3 Firmware Pebble V2 Firmware Pebble Firmware Pebble Plus Firmware
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2016-10702 MEDIUM This Month

Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pebble Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
EPSS 1% CVSS 5.9
MEDIUM POC This Month

CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Pebble V3 Firmware Pebble V2 Firmware +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pebble Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy