CVE-2020-11921 Information

Description

An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic encryption it is possible to hijack an ongoing Bluetooth connection between the Lush 2 and a mobile phone. This allows an attacker to gain full control over the device.

Reference

https://seclists.org/fulldisclosure/2024/Jul/14