A security vulnerability in Xiaomi’s Mijia M365 electric scooter exposes it to hackers
Hackers have focused good gadgets like audio system with voice assistant and smartwatches in addition to social media platforms. Now, they might flip their sights to electric scooters, in specific, the Xiaomi Mijia M365 electric scooter.
According to a Wired report, director of security agency Zimperium, Rani Idan says he has uncovered a security flaw in the Bluetooth module of the affected e-scooter. He may join to the scooter through Bluetooth with none authentication. Following which he had the freedom to set up firmware on the gadget with any system checks. This means a hacker with nefarious intentions can set up malware on the scooter and have full management over the gadget.
Zimperium has reached out to Xiaomi; nevertheless, the agency was unable to problem any fast fixes because the M365’s Bluetooth module implementation was outsourced to a third-party contractor. This means any fixes shall be depending on the contractor’s efforts. Zimperium has developed each Android and iOS variations of proof-of-concept malware to probe the e-scooter’s weak point. The security agency has taken the controversial step in making public the Android model of its app in order to power “unresponsive IoT firms and electronics producers” to take accountability.
The Xiaomi Mijia M365 electric scooter is obtainable regionally and is UL2272 licensed for LTA compliance.
(Source: Wired, Xiaomi)