Fourth Frontier Frontier X Mobile Application, Frontier X2
Summary
The Fourth Frontier Frontier X Mobile Application and Frontier X2 devices have a critical vulnerability (CVE-2026-5768) that allows unauthenticated attackers to read and write arbitrary handle values, change clinical readings, and take control of the device. Successful exploitation could lead to patient harm. Affected versions include Frontier X Android app <v15.0.0, Frontier X iOS app <v25.0.0, and Frontier X2 version all.
IFF Assessment
This vulnerability allows for unauthorized control of a medical device and manipulation of patient data, posing a direct risk to patient safety and data integrity.
Severity
The CVSS score of 8.8 reflects the high severity of this vulnerability. It involves an attack vector of Network (via BLE), involves privileges of None, and has a High impact on Confidentiality, Integrity, and Availability, allowing for unauthorized control and data manipulation.
Defender Context
This alert highlights a critical vulnerability in a medical device that could directly impact patient safety. Defenders in the healthcare sector must prioritize patching or mitigating these affected devices. The exploit leverages weak Bluetooth Low Energy (BLE) authentication, underscoring the need for robust security measures for connected medical equipment and diligent monitoring for unauthorized BLE activity.