Sign-up

ID

VAR-201902-0921


TITLE

LEM smart bracelet S10 has Bluetooth replay vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-05342

DESCRIPTION

LEM smart bracelet is a smart bracelet produced by Shenzhen Lingmeng Technology Co., Ltd. It can collect user's steps, blood pressure, heart rate and other health data, as well as set alarm clock reminder (band vibration) and other functions. The LEM smart bracelet S10 has a Bluetooth replay vulnerability. An attacker can use the vulnerability to control the bracelet by replaying the low-power Bluetooth command packet sent to the smart bracelet by the mobile phone APP.

Trust: 0.6

sources: CNVD: CNVD-2019-05342

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-05342

AFFECTED PRODUCTS

vendor:lingmengmodel:lem smart bracelet s10scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2019-05342

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-05342
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2019-05342
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2019-05342

PATCH

title:LEM smart bracelet S10 has Bluetooth replay vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/150065

Trust: 0.6

sources: CNVD: CNVD-2019-05342

EXTERNAL IDS

db:CNVDid:CNVD-2019-05342

Trust: 0.6

sources: CNVD: CNVD-2019-05342

SOURCES

db:CNVDid:CNVD-2019-05342

LAST UPDATE DATE

2022-05-04T10:11:34.333000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-05342date:2019-05-07T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-05342date:2019-02-26T00:00:00