Coros Pace 3 and Additional Models Impacted by Vulnerability
Several models of Coros smartwatches have been found to contain a Bluetooth vulnerability that could allow malicious users to access personal data, read smartphone notifications, and even reset the devices. This security flaw was identified by a German IT firm during testing of the Coros Watch 3 paired with an Android smartphone. In response, Coros has acknowledged the issue and is actively working on software updates to address the vulnerabilities, with the first updates expected to be released for newer models by the end of July.
Details of the Bluetooth Vulnerability
The security flaws affecting Coros smartwatches were detailed in a blog post by SySS GmbH, the firm that uncovered the issues. The vulnerability allows an unauthenticated user within Bluetooth rangeโapproximately 10 metersโto take control of an unpatched Coros wearable. This access enables the attacker to view private information stored on the device and even send fake notifications to the smartwatch.
When connected to certain Android smartphones, a malicious user could potentially spy on all smartphone notifications displayed on the smartwatch. Additionally, they could modify the smartwatch’s settings, perform a factory reset during a workout, or cause the device to crash, leading to data loss during activities such as running. However, users of iPhones are currently protected, as iOS encrypts Bluetooth connections by default, preventing such unauthorized access.
Coros’ Response and User Recommendations
In light of these vulnerabilities, Coros has published a support article acknowledging the issue and providing guidance for users. The company recommends that users pair their smartwatches with Android devices only in non-public settings to minimize the risk of exposure. Furthermore, users are advised to force-quit the Coros app after use to enhance security.
Coros is committed to resolving these issues and has announced that software updates will be rolled out to several models, including the Pace 3, Pace Pro, Apex 2, Apex 2 Pro, Vertix 2, Vertix 2S, and Dura by the end of July. For other models, such as the Coros Pace 2 and Apex (42mm and 46mm), updates will follow shortly after, although specific timelines for these releases have not yet been disclosed.
Impact on Users and Future Precautions
The discovery of these vulnerabilities raises significant concerns for users of Coros smartwatches, particularly those who rely on their devices for fitness tracking and personal data management. The potential for unauthorized access to sensitive information underscores the importance of maintaining robust security measures in wearable technology.
As Coros works to implement the necessary updates, users are encouraged to remain vigilant and take precautions to protect their data. This includes being cautious about where and how they connect their devices, especially in public spaces. The situation serves as a reminder of the ongoing challenges in cybersecurity, particularly as technology continues to evolve and integrate into daily life.
Observer Voice is the one stop site for National, International news, Sports, Editorโs Choice, Art/culture contents, Quotes and much more. We also cover historical contents. Historical contents includes World History, Indian History, and what happened today. The website also covers Entertainment across the India and World.
