17 matches found
CVE-2021-35953
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service device outage via crafted choices of the last three bytes of a characteristic value...
CVE-2021-35952
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
CVE-2021-35953
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service device outage via crafted choices of the last three bytes of a characteristic value...
CVE-2021-35953
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service device outage via crafted choices of the last three bytes of a characteristic value...
Code injection
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device...
Code injection
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
PT-2022-10481 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker version 90.89 Description: The issue allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD...
CVE-2021-35952
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
CVE-2021-35952
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
PT-2022-10480 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows a remote attacker to cause a Denial of Service, resulting in a device outage. This can be achieved via crafted choices of the last three bytes of a...
CVE-2021-35951
The CVE-2021-35951 issue affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. A remote, unauthenticated attacker can send a malicious firmware update over Bluetooth Low Energy (BLE), potentially brick the device. The connected sources describe the vulnerability but do not provide a c...
CVE-2021-35953
Summary: CVE-2021-35953 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. A remote attacker can cause a device outage (DoS) by crafting the last three bytes of a characteristic value, enabling unauthenticated network access to trigger the issue. The vulnerability surface centers o...
CVE-2021-35954
CVE-2021-35954 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. Affected component: Serial Wire Debug (SWD) feature enables physically proximate attackers to dump firmware, flash custom malicious firmware, and brick the device. Base CVSS v3.1 score 8.1 (HIGH) with ADJACENT attack...
fastrack Reflex 安全漏洞
The fastrack Reflex is a smart wearable device from fastrack. A security vulnerability exists in fastrack Reflex version 2.0 W307SREFLEXv90.89, which stems from an activity tracker that allows an unauthenticated, remote attacker to send a malicious firmware update over BLE and brick the device...
CVE-2021-35951
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device...
CVE-2021-35952
The vulnerability CVE-2021-35952 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. The issue stems from Bluetooth LE Characteristics on handle 0x0017, allowing a remote attacker to modify the device’s time, date, and month. Impact is a time/date manipulation capability with a CVSS...
PT-2022-10479 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows a remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017. Recommendations: For fastrack Reflex 2.0 W307S...