QwikSec

Security Database

CVE

CWE

Training

CVE-2023-33248

Published: May 24, 2023

Modified: Jan 16, 2025

PUBLISHED

Description

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz (often outside the range of human adult hearing). Commands at these frequencies are essentially never spoken by authorized actors, but a substantial fraction of the commands are successful.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cios2023.org/papers

https://www.usenix.org/system/files/sec23fall-prepub-261-xia-qi.pdf

https://sites.google.com/view/nuitattack/home

https://arxiv.org/abs/2305.10358

https://github.com/reveondivad/nuance

https://youtu.be/3gEc5ZFWIWo

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.