Zero Motorcycles · Zero Motorcycles Firmware · CVE-2026-1354
**Name of the Vulnerable Software and Affected Versions**
Zero Motorcycles firmware versions 44 and prior
**Description**
An issue in the Bluetooth pairing process allows an attacker in close proximity to forcibly pair a device with the motorcycle while it is in pairing mode. Once paired, the attacker can use the over-the-air firmware updating functionality to upload malicious firmware to the vehicle. Real-world incidents have occurred where this was exploited to compromise vehicle functions.
**Recommendations**
Update firmware to a version later than 44.