Ranixch

**Name of the Vulnerable Software and Affected Versions** Xiaomi M365 scooter versions prior to 1.5.1 **Description** The issue allows spoofing of commands, including "suddenly accelerate", due to the lack of server-side authentication check for Bluetooth Low Energy commands. Other affected commands include suddenly braking, locking, and unlocking. **Recommendations** For versions prior to 1.5.1, update to version 1.5.1 or later to resolve the issue. As a temporary workaround, consider restricting Bluetooth Low Energy connections to trusted devices until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.2.5 tvOS versions prior to 11.2.5 watchOS versions prior to 4.2.2 **Description** The issue involves the Core Bluetooth component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service via a crafted app, resulting in memory corruption. **Recommendations** For iOS versions prior to 11.2.5, update to version 11.2.5 or later. For tvOS versions prior to 11.2.5, update to version 11.2.5 or later. For watchOS versions prior to 4.2.2, update to version 4.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.2.5 tvOS versions prior to 11.2.5 watchOS versions prior to 4.2.2 **Description** The issue involves the Core Bluetooth component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service via a crafted app, resulting in memory corruption. **Recommendations** For iOS versions prior to 11.2.5, update to version 11.2.5 or later. For tvOS versions prior to 11.2.5, update to version 11.2.5 or later. For watchOS versions prior to 4.2.2, update to version 4.2.2 or later.