Machine-generated analysis · WAYSCloud LLM
Zero Motorcycles firmware allows unauthorized Bluetooth pairing when the vehicle is in pairing mode. This enables firmware manipulation by nearby attackers.
Context
The affected product is firmware for Zero Motorcycles electric motorcycles. The advisory states that an attacker in proximity could forcibly pair via Bluetooth and potentially upload malicious firmware using over-the-air update functionality. The advisory notes that the motorcycle must be in Bluetooth pairing mode and the attacker must understand the pairing process.
Operator considerations
Check: Inventory Zero Motorcycles with firmware version 44 or earlier
Successful exploitation of this vulnerability could allow an attacker to pair via Bluetooth with a motorcycle, gaining unauthorized access to all Bluetooth functions, including changing the firmware.
Read the full advisory on CISA →