Vulnerabilities (CVE)

Filtered by vendor Fastrack Subscribe
Filtered by product Reflex 2.0 Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-35953 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2024-02-28 N/A 7.5 HIGH
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service (device outage) via crafted choices of the last three bytes of a characteristic value.
CVE-2021-35954 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2024-02-28 N/A 8.1 HIGH
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug (SWD) feature.
CVE-2021-35951 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2024-02-28 N/A 7.5 HIGH
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device.
CVE-2021-35952 1 Fastrack 2 Reflex 2.0, Reflex 2.0 Firmware 2024-02-28 N/A 5.3 MEDIUM
fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a Remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017.