PT-2022-8852 · Dr Trust Usa · Dr Trust Usa Icheck Connect Bp Monitor Bp Testing 118

Published

2022-04-07

Updated

2022-04-14

CVE-2020-27373

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1

Description The issue concerns a vulnerability where plain text commands can be sent over Bluetooth Low Energy (BLE). This could potentially allow unauthorized access or control.

Recommendations For version 1.2.1, consider disabling BLE connectivity until a patch is available to prevent exploitation of the plain text command vulnerability. Restrict access to the device to minimize the risk of unauthorized control.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2020-27373

Affected Products

Dr Trust Usa Icheck Connect Bp Monitor Bp Testing 118

PT-2022-8852 · Dr Trust Usa · Dr Trust Usa Icheck Connect Bp Monitor Bp Testing 118

CVE-2020-27373

Weakness Enumeration

Related Identifiers

Affected Products

References · 7