CVE-2015-5729 — Sensitive Information Exposure in Samsung Nt14u Firmware

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

1.3%

top 19.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Nt14u Firmware Samsung X10p Firmware Samsung X12 Firmware +2 more

Timeline

PublishedMar 23

Latest updateMay 17

Description

The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

▶NVDsamsung/x10p_firmwaret-mst10pauscp-1302.0, t-mst10pdeucb-1210.0, t-mst10pibrcb-1104.0+2

▶NVDsamsung/x14h_firmwaret-mst14akucb-1100.4, t-mst14dcncb-1010.0, t-mst14deucb-1023.0+2

▶NVDsamsung/x14j_firmwaret-ms14jakucb-1102.5, t-ms14jdcncb-1004.2, t-ms14jdeucb-1018.0+2

▶NVDsamsung/nt14u_firmwaret-nt14uakucb-1008.0, t-nt14udcncb-1003.1, t-nt14udeucb-1007.1+2

▶NVDsamsung/x12_firmwaret-mst12akucb-1114.0, t-mst12deucb-1111.4+1

🔴Vulnerability Details

GHSA

GHSA-q9vm-xr73-4r75: The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, whic↗2022-05-17

▶

CVEList

CVE-2015-5729: The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, whic↗2017-03-23

▶