Remote Data Injection Vulnerability in Arduino Embedded Systems
CVE-2019-13991

6.5MEDIUM

Key Information:

Vendor: Arduino
Status: Arduino Firmware
Vendor: CVE Published:; 19 July 2019

What is CVE-2019-13991?

Embedded systems utilizing Arduino technology prior to Rev3 are susceptible to a unique vulnerability that allows remote attackers to control LEDs connected to GPIO pins. By leveraging the photosensitivity of LEDs, an attacker can send data to these light-emitting diodes using a laser, effectively creating a means of unauthorized remote communication. This vulnerability highlights the need for enhanced security measures in embedded systems and careful consideration of hardware design to protect against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://arxiv.org/abs/1907.00479

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2019
Vulnerability Reserved
Jul 19, 2019

JSON

Arduino

What is CVE-2019-13991?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.