Vulnerability CVE-2018-9119


Published: 2018-04-04

Description:
An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool.

Type:

CWE-306

(Missing Authentication for Critical Function)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.6/10
4.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Brilliantts -> Fuze card ble firmware 
Brilliantts -> Fuze card mcu firmware 

 References:
https://blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html
https://ice9.us/advisories/ICE9-2018-001.txt
https://www.reddit.com/r/netsec/comments/89qrp1/stealing_credit_cards_from_fuze_via_bluetooth/

Copyright 2024, cxsecurity.com

 

Back to Top