CVE-2019-16518

{"id": "CVE-2019-16518", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2019-09-23T15:15:10.810", "references": [{"url": "https://gitlab.com/crypt0crc/cve-2019-16518", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Swell Kit Mod devices that use the Vandy Vape platform. An attacker may be able to trigger an unintended temperature in the victim's mouth and throat via Bluetooth Low Energy (BLE) packets that specify large power or voltage values."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos Swell Kit Mod que utilizan la plataforma Vandy Vape. Un atacante puede ser capaz de activar una temperatura no deseada en la boca y garganta de la v\u00edctima por medio de paquetes Bluetooth Low Energy (BLE) que especifican valores altos de potencia o voltaje."}], "lastModified": "2019-09-23T21:15:10.780", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:vandyvape:swell_kit_mod_firmware:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D79BE191-5C25-461C-A425-200F61392B17"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:vandyvape:swell_kit_mod:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95585EE7-282E-4C1A-82B1-423EDFD792E7"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}