Vulnerabilities > CVE-2023-26979 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Bluetens Bluetensq 4.3.15

047910
CVSS 3.1 - LOW
Attack vector
ADJACENT_NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
high complexity
bluetens
CWE-924

Summary

Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication.

Vulnerable Configurations

Part Description Count
Application
Bluetens
1