Atomberg Erica Smart Fan Privilege Escalation and Information Disclosure Vulnerability

Vulnerability

A vulnerability in the Atomberg Erica Smart Fan firmware version 1.0.36 allows an attacker to escalate privileges and access sensitive information by sending a crafted deauthentication frame. This issue stems from inadequate protection against forged deauthentication frames and a lack of validation for fallback or reconnection processes on the device, which can disrupt the fan's operation and availability.
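For monitoring the forged-deauthentication condition described above, this added example (not part of the original advisory and not vendor code) parses raw 802.11 frames and alerts when several unprotected deauthentication frames name a watched station within a short window. The MAC addresses, sample frames, window and threshold are constructed assumptions, and frames are assumed to start at the 802.11 header with no radiotap header or FCS. Unprotected deauthentication frames also occur in normal operation, so an alert is a prompt to investigate rather than proof of forgery.

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0   # frame control byte 0: version 0, type 0 (management), subtype 12
PROTECTED = 0x40    # frame control byte 1: Protected Frame bit

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Parse a raw 802.11 frame; return a dict for deauthentication, else None."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    protected = bool(frame[1] & PROTECTED)
    # The reason code is only readable when the frame body is not encrypted.
    reason = None if protected else struct.unpack_from("<H", frame, 24)[0]
    return {"dst": mac(frame[4:10]), "src": mac(frame[10:16]),
            "bssid": mac(frame[16:22]), "protected": protected, "reason": reason}

def detect(captures, watched, window=10.0, threshold=3):
    """Alert when `threshold` unprotected deauth frames naming a watched
    station arrive within `window` seconds. Returns (time, station, count)."""
    recent, alerts = defaultdict(deque), []
    for ts, raw in captures:
        d = parse_deauth(raw)
        if d is None or d["protected"]:
            continue
        for sta in {d["dst"], d["src"]} & watched:
            q = recent[sta]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) >= threshold:
                alerts.append((ts, sta, len(q)))
                q.clear()   # debounce: start counting again after an alert
    return alerts

# Constructed sample data (not from the advisory): locally administered MACs.
FAN, AP = "02:00:00:00:00:01", "02:00:00:00:00:aa"

def sample(fc, body):
    """Build a constructed capture record: 24-byte header plus body, no radiotap or FCS."""
    a = lambda m: m.replace(":", "")
    return bytes.fromhex(fc + "0000" + a(FAN) + a(AP) + a(AP) + "0000" + body)

SAMPLE = [(0.0, sample("8000", "0000")),        # beacon: ignored
          (1.0, sample("c000", "0700")), (1.2, sample("c000", "0700")),
          (1.4, sample("c000", "0700")),        # third in window: alert
          (2.0, sample("c040", "00" * 16)),     # protected deauth: ignored
          (30.0, sample("c000", "0700"))]       # isolated frame: no alert

if __name__ == "__main__":
    print(detect(SAMPLE, {FAN}))
```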

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation and disruption of the fan's normal operation, causing availability issues.

Added: Jan 22, 2026, 4:20 PM
Updated: Jan 22, 2026, 4:20 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 4.9
remediation: 0.0
relevance: 2.3
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.