CVE-2015-5729: Infoleak
First published: Thu Mar 23 2017(Updated: )
The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung NT14U | =t-nt14uakucb-1008.0 | |
| Samsung NT14U | ||
| Samsung X14J eu | =t-ms14jakucb-1102.5 | |
| Samsung X14J | ||
| Samsung X14H us | =t-mst14dcncb-1010.0 | |
| Samsung X14H | ||
| Samsung X12 us | =t-mst12akucb-1114.0 | |
| Samsung X12 | ||
| Samsung X10P | =t-mst10pibrcb-1104.0 | |
| Samsung X10P eu | ||
| Samsung NT14U | =t-nt14udeucb-1007.1 | |
| Samsung NT14U | ||
| Samsung NT14U | =t-nt14udcncb-1003.1 | |
| Samsung NT14U | ||
| Samsung X14J eu | =t-ms14jdeucb-1018.0 | |
| Samsung X14J | ||
| Samsung X14J eu | =t-ms14jdcncb-1004.2 | |
| Samsung X14J | ||
| Samsung X14H us | =t-mst14akucb-1100.4 | |
| Samsung X14H | ||
| Samsung X14H us | =t-mst14deucb-1023.0 | |
| Samsung X14H cn | ||
| Samsung X12 us | =t-mst12deucb-1111.4 | |
| Samsung X12 | ||
| Samsung X10P | =t-mst10pauscp-1302.0 | |
| Samsung X10P eu | ||
| Samsung X10P | =t-mst10pdeucb-1210.0 | |
| Samsung X10P | ||
| Samsung M288OFW firmware | ||
| Samsung M288OFW firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://kaoticoneutral.blogspot.com.ar/2015/12/samsung-smarttv-and-printers-weak.html
- http://packetstormsecurity.com/files/134976/Samsung-SoftAP-Weak-Password.html
- http://seclists.org/fulldisclosure/2015/Dec/79
- http://www.securityfocus.com/bid/79675
- http://www.securitytracker.com/id/1034503
- http://www.securitytracker.com/id/1034504
Frequently Asked Questions
What is the severity of CVE-2015-5729?
CVE-2015-5729 has a high severity rating due to the risk of remote attackers executing brute-force attacks on weak WPA2 PSK keys.
How do I fix CVE-2015-5729?
To fix CVE-2015-5729, update the firmware of the affected Samsung Smart TVs and printers to the latest version provided by Samsung.
Which devices are affected by CVE-2015-5729?
CVE-2015-5729 affects Samsung Smart TVs models X10P, X12, X14H, X14J, NT14U, and Xpress M288OFW printers.
What vulnerability does CVE-2015-5729 exploit?
CVE-2015-5729 exploits the generation of weak WPA2 PSK keys in affected Samsung devices, increasing risk of unauthorized access.
Can CVE-2015-5729 be exploited remotely?
Yes, CVE-2015-5729 can be exploited remotely, allowing attackers to bypass authentication and access sensitive information.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/samsung
- canonical/samsung nt14u
- version/samsung nt14u/t-nt14uakucb-1008.0
- canonical/samsung x14j eu
- version/samsung x14j eu/t-ms14jakucb-1102.5
- canonical/samsung x14j
- canonical/samsung x14h us
- version/samsung x14h us/t-mst14dcncb-1010.0
- canonical/samsung x14h
- canonical/samsung x12 us
- version/samsung x12 us/t-mst12akucb-1114.0
- canonical/samsung x12
- canonical/samsung x10p
- version/samsung x10p/t-mst10pibrcb-1104.0
- canonical/samsung x10p eu
- version/samsung nt14u/t-nt14udeucb-1007.1
- version/samsung nt14u/t-nt14udcncb-1003.1
- version/samsung x14j eu/t-ms14jdeucb-1018.0
- version/samsung x14j eu/t-ms14jdcncb-1004.2
- version/samsung x14h us/t-mst14akucb-1100.4
- version/samsung x14h us/t-mst14deucb-1023.0
- canonical/samsung x14h cn
- version/samsung x12 us/t-mst12deucb-1111.4
- version/samsung x10p/t-mst10pauscp-1302.0
- version/samsung x10p/t-mst10pdeucb-1210.0
- canonical/samsung m288ofw firmware