Logic Flaw in Ray-Ban Stories Device Software by Facebook
CVE-2021-24046

5.3MEDIUM

Key Information:

Vendor: Meta Platforms, Inc
Status: Ray-ban® Stories Smart Glasses
Vendor: CVE Published:; 14 January 2022

🔔 Create Meta Platforms, Inc Vulnerability Alert

What is CVE-2021-24046?

A logic flaw within the software of Ray-Ban Stories devices enables unauthorized modifications to certain parameters, including the limits on video capture duration, via the Facebook View application. This vulnerability impacts versions of the device software prior to 2107460.6810.0, highlighting a significant concern for user data integrity and device functionality.

Affected Version(s)

Ray-Ban® Stories Smart Glasses < 2107460.6810.0

Ray-Ban® Stories Smart Glasses 2107460.6810.0

References

https://www.facebook.com/security/advisories/cve-2021-24046

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2022
Vulnerability Reserved
Jan 13, 2021