This page aggregates publicly disclosed CVE and security risk information related to owllabs, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-31463 | Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used. | [email protected] | 8.2 | 0.97% | 2022-06-02 | 2024-11-21 |
| CVE-2022-31462 | Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data. | [email protected] | 9.3 | 0.82% | 2022-06-02 | 2024-11-21 |
| CVE-2022-31461 | Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message. | [email protected] | 7.4 | 0.83% | 2022-06-02 | 2024-11-21 |
| CVE-2022-31460 | Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value. | [email protected] | 7.4 | 3.41% | 2022-06-02 | 2024-11-21 |
| CVE-2022-31459 | Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth. | [email protected] | 7.4 | 0.79% | 2022-06-02 | 2024-11-21 |