Strix
26.1K

CVE-2021-24046

MEDIUMCVSS 5.3/10EPSS 0.70%

Last modified

CVE-2021-24046 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.. EPSS estimates a 0.70% chance of exploitation in the next 30 days.

Description

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.

Metrics

CVSS 3.1
5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Probability
0.70%

48.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Ray-BanStories Rw4003 65582v 48-23 Firmware< 2107460.6810.0
Ray-BanStories Rw4002 601\/71 50-22 Firmware< 2107460.6810.0
Ray-BanStories Rw4005 656013 51-20 Firmware< 2107460.6810.0
Ray-BanStories Rw4005 6563m3 51-20 Firmware< 2107460.6810.0.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-24046?
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.
How severe is CVE-2021-24046?
CVE-2021-24046 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.70% probability of exploitation in the next 30 days.
How do I fix CVE-2021-24046?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-24046?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST