{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T13:53:16.935","vulnerabilities":[{"cve":{"id":"CVE-2021-38545","sourceIdentifier":"cve@mitre.org","published":"2021-08-11T16:15:07.280","lastModified":"2024-11-21T06:17:24.193","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a \"Glowworm\" attack. We assume that the Raspberry Pi supplies power to some speakers. The power indicator LED of the Raspberry Pi is connected directly to the power line, as a result, the intensity of a device's power indicator LED is correlative to the power consumption. The sound played by the speakers affects the Raspberry Pi's power consumption and as a result is also correlative to the light intensity of the LED. By analyzing measurements obtained from an electro-optical sensor directed at the power indicator LED of the Raspberry Pi, we can recover the sound played by the speakers."},{"lang":"es","value":"Los dispositivos Raspberry Pi 3 B+ y 4 B hasta 09-08-2021, en determinados casos de uso en los que el dispositivo suministra energía a los equipos de salida de audio, permiten a atacantes remotos recuperar las señales de voz de un LED del dispositivo, por medio de un telescopio y un sensor electro-óptico, también se conoce como un ataque \"Glowworm\". Suponemos que la Raspberry Pi suministra energía a unos altavoces. El LED indicador de potencia de la Raspberry Pi está conectado directamente a la línea de alimentación, por lo que la intensidad del LED indicador de potencia del dispositivo es correlativa al consumo de energía. El sonido reproducido por los altavoces afecta al consumo de energía de la Raspberry Pi y, en consecuencia, también es correlativo a la intensidad de la luz del LED. Al analizar las medidas obtenidas de un sensor electro-óptico dirigido al LED indicador de potencia de la Raspberry Pi, podemos recuperar el sonido reproducido por los altavoces"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:raspberrypi:raspberry_pi_4_model_b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2021-08-09","matchCriteriaId":"92B4F95A-8C81-4E40-9658-65E6EC9BA67B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:raspberrypi:raspberry_pi_4_model_b:-:*:*:*:*:*:*:*","matchCriteriaId":"73F8F733-1A85-497A-BE05-6662D5FBD513"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:raspberrypi:raspberry_pi_3_model_b\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2021-08-09","matchCriteriaId":"6F8284F0-7BE5-4B39-89BD-363CE411913B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:raspberrypi:raspberry_pi_3_model_b\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"05303822-9252-471C-9209-7DBB593A3874"}]}]}],"references":[{"url":"https://www.nassiben.com/glowworm-attack","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.nassiben.com/glowworm-attack","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}