CVE-2023-40735

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected products

Cavo – Connecting for a Safer World / BUTTERFLY BUTTONAs of 2023-08-21 – As of 2023-08-21

References

VENDOR_ADVISORYhttps://www.vulsec.org/advisories
MISChttps://github.com/VULSecLabs/Vulnerabilities/blob/main/CVE/CVE-2023-40735.md
MISChttps://butterfly-button.web.app/
MISChttps://github.com/TheButterflyButton
MISChttps://github.com/TheButterflySDK
MISChttps://www.butterfly-button.com/