Vulnerability
Fuzzing characteristic value leads to Device crash
Vulnerability Description
It was identified Fuzzing char value last 3 bytes of the watch was getting crashed after 5 minutes it restarts, Bluetooth doesn’t work and doesn’t show in the network, and attacker can crash the watch and make unusable.
CVE-ID
CVE-2021-35953
Vendor
Fastrack
Product
Fastrack Reflex 2.0 Activity Tracker
Disclosure Timeline
17 Nov 2020 reported to the vendor
30th June 2021 No response from the vendor and moving forward to public disclosure.
Credit
Shakir Zari