Design/Logic Flaw

2018-04-0418:29:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.3%

JSON

An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool.

CPENameOperatorVersion
fuze_card_ble_firmwareeq0.7.4
fuze_card_mcu_firmwareeq0.1.73

CPE	Name	Operator	Version
	fuze_card_ble_firmware	eq	0.7.4
	fuze_card_mcu_firmware	eq	0.1.73

References

blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html

ice9.us/advisories/ICE9-2018-001.txt

www.elttam.com/blog/fuzereview/

www.reddit.com/r/netsec/comments/89qrp1/stealing_credit_cards_from_fuze_via_bluetooth/