CVE-2020-12734 Information

Description

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password and demand a ransom payment from the rightful device owner because there is no way to reset to Factory Default settings.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Reference

https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Depstech%20Microscope%20Smart%20Kid%20Toy.pdf https://www.depstech.com/mw001-s02-wifi-usb-digital-microscope

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.1