101 matches found
CVE-2025-32876
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...
SmartAttack: Air-Gap Attack Via Smartwatches
Air-gapped systems are considered highly secure against data leaks due to their physical isolation from external networks. Despite this protection, ultrasonic communication has been demonstrated as an effective method for exfiltrating data from such systems. While smartphones have been extensivel...
CVE-2022-3007
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU which is used for performing Over-The-Air OTA firmware updates on the Bluetooth Low Energy BLE devices. An unauthenticated attacker could exploit this...
The vulnerability of the Bluetooth smart watch technology from Fire-Boltt: an artillery smart watch that allows a violator to disconnect the user from the application or expose protected information.
The vulnerability of the Bluetooth smart watch technology Fire-Boltt Artillery Smart Watch lies in improper cleaning or release of resources. Exploiting this vulnerability could allow a malicious actor to disconnect the user from the application or expose the protected information...
Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)
Exploit Title: Maxima Max Pro Power - BLE Traffic Replay Unauthenticated Date: 13-Nov-2023 Exploit Author: Alok kumar [email protected], Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...
Maxima Max Pro Power 1.0 486A BLE Traffic Replay
Exploit Title: Maxima Max Pro Power - BLE Traffic Replay Unauthenticated Date: 13-Nov-2023 Exploit Author: Alok kumar [email protected], Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...
CVE-2022-3007
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU which is used for performing Over-The-Air OTA firmware updates on the Bluetooth Low Energy BLE devices. An unauthenticated attacker could exploit this...
Information disclosure
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU which is used for performing Over-The-Air OTA firmware updates on the Bluetooth Low Energy BLE devices. An unauthenticated attacker could exploit this...
CVE-2022-3007
CVE-2022-3007 – Syska SW100 Smartwatch vulnerability arises from an improper implementation/configuration of Nordic Device Firmware Update (DFU) used for OTA updates over Bluetooth Low Energy. An unauthenticated attacker can set arbitrary values via BLE, potentially allowing a firmware update, de...
CVE-2022-3007 Unauthorized Access Vulnerability in Syska SW100 Smartwatch
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU which is used for performing Over-The-Air OTA firmware updates on the Bluetooth Low Energy BLE devices. An unauthenticated attacker could exploit this...
Syska SW100 Security Vulnerability
Syska SW100 is a smartwatch from Syska. A security vulnerability exists in the Syska SW100 version V2 that stems from a misconfiguration and could allow an attacker to perform firmware updates, device reboots, or data operations on the target device...
PT-2023-12996 · Nordic Semiconductor +1 · Nordic Device Firmware Update +1
Name of the Vulnerable Software and Affected Versions: Syska SW100 Smartwatch affected versions not specified Description: The issue exists due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU used for Over-The-Air OTA firmware updates on Bluetooth Low Energ...
smartwatch-im-praxistest.de Cross Site Scripting vulnerability OBB-3509492
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Huawei Aslan-AL10 安全漏洞
Huawei Aslan-AL10 is a children's smartwatch from Huawei China. The Huawei Aslan-AL10 suffers from a security vulnerability that stems from the presence of an improper authorization vulnerability that could allow an attacker to access specific files...
Huawei HOTA-Fara-B19 授权问题漏洞
Huawei HOTA-Fara-B19 is a smartwatch from Chinese company Huawei. The Huawei HOTA-Fara-B19 suffers from a security vulnerability that stems from the presence of an insufficient authentication vulnerability that could allow an attacker to spoof and then connect to the bracelet...
Apple watchOS 安全漏洞
Apple watchOS is an operating system for smartwatches from Apple. A security vulnerability exists in Apple watchOS, which stems from an application that may be able to execute arbitrary code with kernel privileges...
PT-2022-19427 · Unknown +1 · Bigbluebutton +1
Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 2.3.19 BigBlueButton versions prior to 2.4.7 BigBlueButton versions prior to 2.5.0-beta.2 Description: The issue allows for regular expression denial of service ReDoS attacks. An attacker can cause denial of...
Download Kali Linux 2021.3 with Kali NetHunter on smartwatch, new tools
By Waqas Kali Linux 2021.3 comes with a range of new pentest tools and a brand-new OpenSSL configuration to enhance the attack surface. This is a post from HackRead.com Read the original post: Download Kali Linux 2021.3 with Kali NetHunter on smartwatch, new tools...
Kali Linux 2021.3 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates. A summary of the changes since the 2021.2 release from June are: OpenSSL - Wide compatibility by default - Keep reading for what that means New Kali-Tools site - Following the footsteps of...
smartwatch-v8.dostavka2.me Cross Site Scripting vulnerability OBB-2123515
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...