{"vulnerability": "CVE-2023-1383", "sightings": [{"uuid": "553f2d17-c736-42d1-b57a-a54a600e2fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1383", "type": "seen", "source": "https://t.me/androidMalware/1874", "content": "Vulnerabilities identified in Amazon Fire TV Stick \n1) Local network PIN brute forcing (CVE-2023-1385) \n2) Arbitrary Javascript code to execution (CVE-2023-1384) \n3) Register services that are only locally accessible (CVE-2023-1383) \nhttps://www.bitdefender.com/files/News/CaseStudies/study/430/Bitdefender-PR-Whitepaper-AMZFr-creat6696-en-EN.pdf", "creation_timestamp": "2023-06-27T08:55:40.000000Z"}, {"uuid": "b30d447e-4256-4f9c-b4c6-a57a529f5cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1383", "type": "seen", "source": "https://t.me/cibsecurity/63226", "content": "\u203c CVE-2023-1383 \u203c\n\nAn Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible.This issue affects:Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T16:31:02.000000Z"}]}