9 matches found
CVE-2021-35952
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
CVE-2021-35953
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service device outage via crafted choices of the last three bytes of a characteristic value...
CVE-2021-35951
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device...
Code injection
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device...
Code injection
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
CVE-2021-35952
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017...
CVE-2021-35953
Summary: CVE-2021-35953 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. A remote attacker can cause a device outage (DoS) by crafting the last three bytes of a characteristic value, enabling unauthenticated network access to trigger the issue. The vulnerability surface centers o...
CVE-2021-35954
CVE-2021-35954 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. Affected component: Serial Wire Debug (SWD) feature enables physically proximate attackers to dump firmware, flash custom malicious firmware, and brick the device. Base CVSS v3.1 score 8.1 (HIGH) with ADJACENT attack...
CVE-2021-35952
The vulnerability CVE-2021-35952 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. The issue stems from Bluetooth LE Characteristics on handle 0x0017, allowing a remote attacker to modify the device’s time, date, and month. Impact is a time/date manipulation capability with a CVSS...