CVE-2023-26979
LowCVSS 3.1Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
The BluetensQ app version 4.3.15 for Bluetens Electrostimulation Device is vulnerable to Man-in-the-Middle attacks over BLE. Attackers can hijack BLE communication to decrease or increase stimulator intensity.
Risk Assessment
The risk involves unauthorized modification of stimulation parameters, potentially causing user discomfort or injury.
Recommendation
Immediately update the BluetensQ app to the latest version and implement encryption and authentication for BLE communication.
Original NVD description (English source)
Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication.

