An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications.
References
Link | Resource |
---|---|
https://github.com/Amirasaiyad/BLE-TPMS/blob/main/README.md | Exploit Technical Description Third Party Advisory |
https://github.com/Amirasaiyad/BLE-TPMS/blob/main/Treel_BLE_TPMS_Penetration_Testing_Report.pdf | Exploit Technical Description Third Party Advisory |
Configurations
History
01 Oct 2024, 15:51
Type | Values Removed | Values Added |
---|---|---|
First Time |
Jktyre
Jktyre smart Tyre Car \& Bike |
|
CWE | CWE-294 | |
References | () https://github.com/Amirasaiyad/BLE-TPMS/blob/main/README.md - Exploit, Technical Description, Third Party Advisory | |
References | () https://github.com/Amirasaiyad/BLE-TPMS/blob/main/Treel_BLE_TPMS_Penetration_Testing_Report.pdf - Exploit, Technical Description, Third Party Advisory | |
CPE | cpe:2.3:a:jktyre:smart_tyre_car_\&_bike:4.2.0:*:*:*:*:android:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.2 |
20 Sep 2024, 12:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
18 Sep 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-18 14:15
Updated : 2024-10-01 15:51
NVD link : CVE-2024-39081
Mitre link : CVE-2024-39081
CVE.ORG link : CVE-2024-39081
JSON object : View
Products Affected
jktyre
- smart_tyre_car_\&_bike
CWE
CWE-294
Authentication Bypass by Capture-replay