An attacker can send crafted HEX values to a specific GATT Charactristic handle on the Maxima Max Pro Power smartwatch to perform unauthorized actions like changing Time display format, updating Time, and notifications. Due to lack of integrity checks, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.