CVE-2022-37193

2022-09-2712:54:21

mitre

www.cve.org

chipolo

bluetooth

access control

vulnerability

ios app

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

52.9%

JSON

Chipolo ONE Bluetooth tracker (2020) Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control. Chipolo devices suffer from access revocation evasion attacks once the malicious sharee obtains the access credentials.

References

chipolo.net/en-us/products/chipolo-one-4-pack

github.com/zhouxinan/CCS22MaaGIoT/blob/main/ChipoloONE.md