CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-35954

fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug (SWD) feature.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.0%

CVSS Severity

CVSS v3 Score 8.1

References

https://payatu.com/advisory/dumping-and-re-flashing-firmware-fastrack-reflex
https://www.fastrack.in/shop/watch-smart-wearables-reflex-2
https://payatu.com/advisory/dumping-and-re-flashing-firmware-fastrack-reflex
https://www.fastrack.in/shop/watch-smart-wearables-reflex-2

Products affected by CVE-2021-35954

Fastrack » Reflex 2.0 » Version: N/A

cpe:2.3:h:fastrack:reflex_2.0:-
Fastrack » Reflex 2.0 Firmware » Version: 90.89

cpe:2.3:o:fastrack:reflex_2.0_firmware:90.89

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35954

Products

Pricing

Contact Us