{"uuid": "8f06687e-5637-4bc9-b6db-b9fc538c9eeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1385", "type": "seen", "source": "https://t.me/cibsecurity/63229", "content": "\u203c CVE-2023-1385 \u203c\n\nImproper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services.This issue affects:Amazon Fire TV Stick 3rd gen\u00c2\u00a0versions prior to 6.2.9.5.Insignia TV with FireOS\u00c2\u00a07.6.3.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T16:31:08.000000Z"}