Lucene search

K

MitreCVELIST:CVE-2018-9119

HistoryApr 04, 2018 - 12:00 a.m.

CVE-2018-9119

2018-04-0400:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.3%

An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool.

References

blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html

ice9.us/advisories/ICE9-2018-001.txt

www.elttam.com/blog/fuzereview/#content

www.reddit.com/r/netsec/comments/89qrp1/stealing_credit_cards_from_fuze_via_bluetooth/

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.3%

Related for CVELIST:CVE-2018-9119

prion1 cve1 nvd1 seebug1