Vulnerabilities > CVE-2019-13991 - Unspecified vulnerability in Arduino Firmware

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

low complexity

arduino

NVD

Published: 2019-07-19

Updated: 2020-08-24

Summary

Embedded systems based on Arduino before Rev3 allow remote attackers to send data to LEDs (directly connected to GPIO pins) via a laser, because of LED photosensitivity.

Vulnerable Configurations

Part	Description	Count
OS	Arduino Arduino Arduino Firmware -	1
Hardware	Arduino Arduino Arduino -	1

References

https://arxiv.org/abs/1907.00479