Agasta Easytouch+ Bluetooth Low Energy Unauthorized Connection Vulnerability Leading to Denial-of-Service

Vulnerability

A vulnerability allowing unauthorized mobile applications to connect to Agasta Easytouch+ devices via Bluetooth Low Energy (BLE) has been identified in version 9.3.97. This connection bypasses authentication, causing legitimate applications to be unable to connect and resulting in a denial-of-service. The vulnerability can be exploited from an adjacent network location.

Impact

Exploitation of this vulnerability causes a denial-of-service by disrupting the connection between the Easytouch+ device and its official mobile application. Once an unauthorized BLE connection is established, the application cannot access the device, leading to customer complaints and potential safety risks, especially for users relying on the heart rate monitoring feature.

Reproduction

To reproduce this vulnerability, turn on the Easytouch+ device and scan for it using the nRF Connect application. Once the device is detected, connect to it through nRF Connect, which will establish an unauthorized BLE connection. After this connection is made, attempt to connect the Easytouch+ device to the official Sanketlife mobile application. The connection will fail because the device is already connected to the unauthorized application, demonstrating the denial-of-service impact.

Remediation

Implementing proper device authentication measures could mitigate this vulnerability.
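One way to express such an authentication requirement on the device side, as an added example that is not the vendor's firmware: a link policy that withholds device data until the central has paired, and frees the single connection slot if it does not authenticate in time. All function and type names and the 5-second grace period are assumptions; the BLE stack is assumed to report connect events, pairing results and a periodic tick.

```c
#include <stdbool.h>
#include <stdint.h>

/* All names and the 5 s grace period are assumptions for illustration. */
#define AUTH_GRACE_MS 5000u

typedef enum { LINK_IDLE, LINK_UNAUTH, LINK_AUTH } link_state_t;

typedef struct {
    link_state_t state;
    uint32_t connected_at_ms;  /* time the current central connected */
    uint32_t dropped_unauth;   /* links dropped for not authenticating */
} link_policy_t;

void policy_init(link_policy_t *p) {
    p->state = LINK_IDLE; p->connected_at_ms = 0; p->dropped_unauth = 0;
}

/* A central connected: the single slot is taken but not yet trusted. */
bool policy_on_connect(link_policy_t *p, uint32_t now_ms) {
    if (p->state != LINK_IDLE) return false;   /* slot already in use */
    p->state = LINK_UNAUTH;
    p->connected_at_ms = now_ms;
    return true;
}

/* Pairing finished; only an encrypted, bonded link becomes trusted. */
void policy_on_auth_result(link_policy_t *p, bool bonded_and_encrypted) {
    if (p->state != LINK_UNAUTH) return;
    if (bonded_and_encrypted) { p->state = LINK_AUTH; return; }
    p->state = LINK_IDLE;                      /* caller disconnects */
    p->dropped_unauth++;
}

/* Gate for device characteristics (e.g. heart rate data). */
bool policy_allow_gatt(const link_policy_t *p) { return p->state == LINK_AUTH; }

/* Periodic tick; true means: disconnect the central, resume advertising. */
bool policy_tick(link_policy_t *p, uint32_t now_ms) {
    if (p->state != LINK_UNAUTH) return false;
    /* unsigned subtraction stays correct across timer wrap-around */
    if ((uint32_t)(now_ms - p->connected_at_ms) < AUTH_GRACE_MS) return false;
    p->state = LINK_IDLE;
    p->dropped_unauth++;
    return true;
}
```

The grace timer only bounds how long an unauthenticated central can hold the slot, so it complements pairing-based authentication rather than replacing it.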

Added: Oct 2, 2025, 6:17 PM
Updated: Oct 2, 2025, 8:36 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.6
exploitability: 6.2
remediation: 0.0
relevance: 0.6
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.