Primary

Context

Hero Motocorp Vida V1 Pro Denial-of-Service Vulnerability via Bluetooth Low Energy Component

Vulnerability

A denial-of-service vulnerability has been identified in the Hero Motocorp Vida V1 Pro application, specifically in version 2.0.7. This issue allows a local attacker to disrupt services by exploiting the Bluetooth Low Energy (BLE) component of the application.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to become unresponsive or unavailable.

Reproduction

The vulnerability can be reproduced by establishing an unauthenticated Bluetooth Low Energy connection to the affected device. This can be done using a local device that supports BLE, by sending specific commands or requests that overwhelm the application's ability to process them, thereby causing a denial-of-service condition.

Added: Jan 9, 2026, 4:26 PM

Updated: Jan 9, 2026, 5:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.6

remediation

0.0

relevance

2.0

threat

1.6

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.6

remediation

0.0

relevance

2.0

threat

1.6

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hero Motocorp Vida V1 Pro Denial-of-Service Vulnerability via Bluetooth Low Energy Component

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating