Structured database of cybersecurity exploits and vulnerabilities affecting Indian businesses, EV ecosystems, and consumer devices.
The BAT BMS app exploits unauthenticated Bluetooth Low Energy connections to remotely disable e-rickshaw batteries by toggling the BMS discharge MOSFET. Affects cheap Chinese BMS units with no password protection.
WhisperPair exploits Google Fast Pair's lack of re-authentication to hijack Bluetooth headphones. An attacker within BLE range can pair with already-paired headphones, intercept audio, and inject voice commands without the victim's knowledge.