Cognitoys Stemosaur Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Cognitoys Stemosaur Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-8865 — CVSS 5.9 (medium): Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay…
CVE-2017-8866 — CVSS 5.9 (medium): Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote…
CVE-2017-8867 — CVSS 5.9 (medium): Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 use AES-128 with ECB mode to encrypt voice traffic between the…