| Titel | Flycatcher Toys smART Pixelator 2.0 2.0 Missing Authentication |
|---|
| Beschreibung | The smART Pixelator 2.0 is a Bluetooth-enabled children's craft device that fails to implement authentication on its Bluetooth Low Energy interface. The device exposes a writable BLE characteristic (UUID: 0000ffe6-0000-1000-8000-00805f9b34fb) that accepts connections and commands from any nearby Bluetooth device without requiring pairing, PIN, or any other form of authentication. This allows an unauthenticated attacker within Bluetooth range to connect to the device, upload arbitrary messages and images that are immediately displayed on the LED grid, and control device functions without user knowledge, authorization, or notification. This vulnerability could enable attackers to display inappropriate content to children using the devices in homes, apartments, schools, daycare, and other settings. The vendor provides a mobile application requiring user authentication, creating a false impression of device security. However, the BLE service has no authentication and accepts connections from any client, completely bypassing the app. Attackers need neither the app nor user credentials to control the device, while users (parents) incorrectly believe they are protected. This affects all versions of the toy. Notably, this is the same architectural vulnerability found in the vendor's smART Sketcher 2.0 product (CVE-2026-0842), indicating a pattern of insecure Bluetooth implementations across the product line. I have reached out to the vendor multiple times without response. |
|---|
| Quelle | ⚠️ https://github.com/davidrxchester/smart-pixelator-upload |
|---|
| Benutzer | davidrochester (UID 94063) |
|---|
| Einreichung | 23.01.2026 01:04 (vor 4 Monaten) |
|---|
| Moderieren | 06.02.2026 07:56 (14 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 344632 [Flycatcher Toys smART Pixelator 2.0 Bluetooth Low Energy Interface schwache Authentisierung] |
|---|
| Punkte | 20 |
|---|