📦 Coros Pace 3 Firmware

An out-of-bounds read vulnerability in COROS PACE 3 devices allows attackers to cause denial of service by sending crafted BLE messages that force device reboots. This affects COROS PACE 3 smartwatch ...

COROS PACE 3 smartwatches through firmware version 3.0808.0 incorrectly identify themselves as devices without input/output capabilities, forcing Bluetooth Low Energy (BLE) pairing to use the 'Just Wo...

COROS PACE 3 smartwatches download firmware updates over unencrypted HTTP connections, allowing attackers on the same WLAN network to intercept and potentially modify firmware files. This affects all ...

COROS PACE 3 fitness watches through version 3.0808.0 automatically advertise via Bluetooth Low Energy when not connected to a paired device, allowing any nearby attacker to connect without authentica...

This vulnerability allows attackers within Bluetooth range to eavesdrop on communications between COROS PACE 3 smartwatches and paired devices. The BLE implementation uses insecure legacy pairing with...