CVE-2019-12500

Publication date

2019-05-31 11:55:23

Family

mitre

State

PUBLISHED

Description

The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.