CVEs-PoC/2018/CVE-2018-9119.md at 183d1f8677d424ca51cab102bc615f8bcebb511d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-26 05:17:47 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool.

POC

Reference

https://blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html
https://blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html
https://www.elttam.com/blog/fuzereview/#content
https://www.elttam.com/blog/fuzereview/#content
https://www.reddit.com/r/netsec/comments/89qrp1/stealing_credit_cards_from_fuze_via_bluetooth/
https://www.reddit.com/r/netsec/comments/89qrp1/stealing_credit_cards_from_fuze_via_bluetooth/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/elttam/publications

1.2 KiB Raw Blame History

CVE-2018-9119

Description

POC

Reference

Github

1.2 KiB

Raw Blame History