ByteOS Network

NVD Vulnerability Details :

CVE-2026-4583

Deferred

Source-cna@vuldb.com

Published At-23 Mar, 2026 | 11:16

Updated At-24 Apr, 2026 | 16:32

A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results in authentication bypass by capture-replay. The attack must originate from the local network. The attack is considered to have high complexity. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	2.3	LOW	CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary	3.1	5.0	MEDIUM	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Secondary	2.0	4.3	MEDIUM	AV:A/AC:H/Au:N/C:P/I:P/A:P

Type: Secondary

Version: 4.0

Base score: 2.3

Base severity: LOW

Vector:

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Primary

Version: 3.1

Base score: 5.0

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Type: Secondary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:A/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

CWE ID	Type	Source
CWE-287	Primary	cna@vuldb.com
CWE-294	Primary	cna@vuldb.com

CWE ID: CWE-287

Type: Primary

Source: cna@vuldb.com

CWE ID: CWE-294

Type: Primary

Source: cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/Davim09/m6plusexploit/blob/main/docs/CVE-2-Replay.md	cna@vuldb.com	N/A
https://vuldb.com/?ctiid.352420	cna@vuldb.com	N/A
https://vuldb.com/?id.352420	cna@vuldb.com	N/A
https://vuldb.com/?submit.775434	cna@vuldb.com	N/A