Exploitable Logic Flaw in Ray-Ban® Stories Device Software Allows Unauthorized Parameter Modification

Exploitable Logic Flaw in Ray-Ban® Stories Device Software Allows Unauthorized Parameter Modification

CVE-2021-24046 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.

Learn more about our Web Application Penetration Testing UK.