Qardio iOS and Android Applications and QardioARM A100 Firmware Exposure Vulnerability

A vulnerability exists in the Qardio Heart Health iOS and Android applications, as well as the QardioARM A100 device, all versions. This vulnerability allows an attacker to access firmware files, reverse engineer their functionality, and potentially exploit the associated hardware devices. The issue leads to a breach of confidentiality and integrity for the affected devices.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive firmware information, allowing for reverse engineering and potential misuse of the associated hardware devices.

Remediation

Qardio has not provided a response or mitigation for these vulnerabilities. Users are encouraged to contact Qardio customer support for more information. As a general precaution, Bluetooth should be disabled when not in use, and devices should not be used in public or within Bluetooth range of potential threats.