header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Maxima Max Pro Power BLE Traffic Replay Vulnerability

An attacker can send crafted HEX values to a specific GATT Charactristic handle on the Maxima Max Pro Power smartwatch to perform unauthorized actions like changing Time display format, updating Time, and notifications. Due to lack of integrity checks, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.

Maxima Max Pro Power BLE Traffic Replay (Unauthenticated)

An attacker can send crafted HEX values to the GATT Charactristic handle on the Maxima Max Pro Power watch to perform unauthorized actions like changing time display format, updating time, and notifications. Due to lack of integrity check, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.

Maxima Max Pro Power – BLE Traffic Replay (Unauthenticated)

An attacker can send crafted HEX values to the GATT Charactristic handle '0x0012' on the Maxima Max Pro Power watch to perform unauthorized actions like changing Time display format, updating Time, and notifications. The lack of integrity checks allows the attacker to sniff values from one smartwatch and replay them on another, leading to unauthorized actions.

Recent Exploits: