Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hom.ee Subscribe
Filtered by product Brain Cube Core
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-24396 1 Hom.ee 2 Brain Cube, Brain Cube Core 2022-10-05 5.0 MEDIUM 7.5 HIGH
homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy.
CVE-2020-24395 1 Hom.ee 2 Brain Cube, Brain Cube Core 2021-06-03 7.2 HIGH 6.8 MEDIUM
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device.
CVE-2019-16258 1 Hom.ee 2 Brain Cube, Brain Cube Core 2021-06-03 7.2 HIGH 6.8 MEDIUM
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface.