CVE-2023-26979

Name of the Vulnerable Software and Affected Versions Bluetens Electrostimulation Device BluetensQ device app version 4.3.15

Description The issue allows attackers to perform Man-in-the-middle attacks in the BLE channel, enabling them to decrease or increase the intensity of the stimulator by hijacking the BLE communication.

Recommendations For version 4.3.15, consider restricting access to the BLE channel to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the BluetensQ device app for critical stimulation tasks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.