CVE-2016-6541

CVE-2016-6541: TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes

Weakness CWE-306 · Missing auth
Published July 6, 2018
Last update August 6, 2024

CVSS base score

What the vulnerability does

01Description

TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.

Key dates

02Disclosure timeline

July 6, 2018 CVE published
August 6, 2024 Record updated