Vulnerability in BluetensQ App Allows Man-in-the-Middle Attacks on Bluetens Electrostimulation Device

Vulnerability in BluetensQ App Allows Man-in-the-Middle Attacks on Bluetens Electrostimulation Device

CVE-2023-26979 · LOW Severity

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication.

Learn more about our Web Application Penetration Testing UK.