PT-2024-13359 · Unknown · Pops! Rebel
Edward Warren
·
Published
2024-01-19
·
Updated
2024-01-29
·
CVE-2023-46447
CVSS v3.1
4.3
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
POPS! Rebel application version 5.0 for Android
Description
The POPS! Rebel application sends unencrypted glucose measurements over Bluetooth Low Energy (BLE). This issue affects the POPS! Rebel Bluetooth Glucose Monitoring System.
Recommendations
For POPS! Rebel application version 5.0, consider disabling the Bluetooth functionality until a patch is available to prevent the transmission of unencrypted glucose measurements. Restrict access to the application's data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pops! Rebel