Vulnerabilities > CVE-2021-35951 - Unspecified vulnerability in Fastrack Reflex 2.0 Firmware 90.89

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

fastrack

NVD

Published: 2022-12-26

Updated: 2023-01-05

Summary

fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device.

Vulnerable Configurations

Part	Description	Count
OS	Fastrack Fastrack Reflex 2.0 Firmware 90.89	1
Hardware	Fastrack Fastrack Reflex 2.0 -	1

References

https://www.fastrack.in/shop/watch-smart-wearables-reflex-2
https://payatu.com/advisory/fastrack-reflex-unauthenticated-firmware-update