Amazon Echo Dot Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Amazon Echo Dot Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-25809 — CVSS 9.8 (critical): Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on…
CVE-2021-37436 — CVSS 4.2 (medium): Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain…
CVE-2018-11567 — CVSS 3.3 (low): Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed…