CVE-2026-0842
📋 TL;DR
CVE-2026-0842 is an authentication bypass vulnerability in Flycatcher Toys smART Sketcher's Bluetooth Low Energy interface. Attackers on the same local network can exploit this flaw to gain unauthorized access to the device. This affects all smART Sketcher devices up to version 2.0.
💻 Affected Systems
- Flycatcher Toys smART Sketcher
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete device compromise allowing attackers to upload malicious firmware, steal user data, or brick the device.
Likely Case
Unauthorized access to device functions, potential data exfiltration, or disruption of normal operations.
If Mitigated
Limited impact if network segmentation prevents local network access by untrusted devices.
🎯 Exploit Status
Public exploit script available on GitHub, requires only local network access and basic Bluetooth tools.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Vendor has not responded to disclosure.
🔧 Temporary Workarounds
Disable Bluetooth Low Energy
allTurn off BLE functionality on the smART Sketcher device if possible
Network Segmentation
allIsolate smART Sketcher devices on a separate VLAN or network segment
🧯 If You Can't Patch
- Physically disconnect device from networks when not in use
- Implement strict network access controls to limit which devices can communicate with the smART Sketcher
🔍 How to Verify
Check if Vulnerable:
Check device version in settings menu or via Bluetooth discovery. If version is 2.0 or earlier, device is vulnerable.Check Version:
Check device settings menu or use Bluetooth scanning tools to identify device versionVerify Fix Applied:
No fix available to verify. Monitor for vendor firmware updates.📡 Detection & Monitoring
Log Indicators:
- Unusual Bluetooth connection attempts
- Unexpected firmware upload activity
Network Indicators:
- Unusual BLE traffic patterns
- Multiple failed authentication attempts followed by successful access
SIEM Query:
Search for Bluetooth Low Energy connection events from unauthorized MAC addresses to smART Sketcher devices