3.3.10.0074

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-16	CVE-2018-20007	Incorrect Permission Assignment for Critical Resource vulnerability in Yeelight Smart AI Speaker Firmware 3.3.100074 Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. low complexity yeelight CWE-732	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.