Indian Motorcycle Scout Bobber Wireless Control Module Weak Authentication Vulnerability

Vulnerability

A weak authentication vulnerability has been identified in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year. This vulnerability allows an adjacent-network attacker with read access to the in-vehicle network to recover the user-set unlock PIN by passively observing a single PIN authentication exchange. The Infotainment Digital Round display responds using a non-cryptographic operation, making the PIN mathematically derivable from one captured exchange. This flaw undermines the motorcycle's primary user-authentication control.

Impact

Exploitation of this vulnerability allows for unauthorized recovery of the user-set unlock PIN, bypassing the motorcycle's authentication controls and potentially leading to unauthorized access or actions within the vehicle's systems.

Added: May 29, 2026, 8:20 AM

Updated: May 29, 2026, 8:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

9.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

9.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Indian Motorcycle Scout Bobber Wireless Control Module Weak Authentication Vulnerability

Vulnerability

Impact

Affected Products

Indian Motorcycle Scout Bobber +

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating