CVE-2024-39081

An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications.
References
Link Resource
https://github.com/Amirasaiyad/BLE-TPMS/blob/main/README.md Exploit Technical Description Third Party Advisory
https://github.com/Amirasaiyad/BLE-TPMS/blob/main/Treel_BLE_TPMS_Penetration_Testing_Report.pdf Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:jktyre:smart_tyre_car_\&_bike:4.2.0:*:*:*:*:android:*:*

History

01 Oct 2024, 15:51

Type Values Removed Values Added
First Time Jktyre
Jktyre smart Tyre Car \& Bike
CWE CWE-294
References () https://github.com/Amirasaiyad/BLE-TPMS/blob/main/README.md - () https://github.com/Amirasaiyad/BLE-TPMS/blob/main/README.md - Exploit, Technical Description, Third Party Advisory
References () https://github.com/Amirasaiyad/BLE-TPMS/blob/main/Treel_BLE_TPMS_Penetration_Testing_Report.pdf - () https://github.com/Amirasaiyad/BLE-TPMS/blob/main/Treel_BLE_TPMS_Penetration_Testing_Report.pdf - Exploit, Technical Description, Third Party Advisory
CPE cpe:2.3:a:jktyre:smart_tyre_car_\&_bike:4.2.0:*:*:*:*:android:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.2

20 Sep 2024, 12:30

Type Values Removed Values Added
Summary
  • (es) Un problema en SMART TYRE CAR & BIKE v4.2.0 permite a los atacantes realizar un ataque de intermediario a través de comunicaciones Bluetooth.

18 Sep 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-18 14:15

Updated : 2024-10-01 15:51


NVD link : CVE-2024-39081

Mitre link : CVE-2024-39081

CVE.ORG link : CVE-2024-39081


JSON object : View

Products Affected

jktyre

  • smart_tyre_car_\&_bike
CWE
CWE-294

Authentication Bypass by Capture-replay