Vulnerabilities > Yeelight

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-42189	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function. network low complexity tapo nanoleaf govee switchbot phillips yeelight tp-link orein eve CWE-732	7.5
2019-05-16	CVE-2018-20007	Incorrect Permission Assignment for Critical Resource vulnerability in Yeelight Smart AI Speaker Firmware 3.3.100074 Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. local low complexity yeelight CWE-732	7.2

Vulnerabilities > Yeelight {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Yeelight"}]}