CVE-2026-5768 | Fourth Frontier Frontier X Mobile Application, Frontier X2 Missing Authentication for Critical Function

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range to perform unauthorized control of device functions, including starting/stopping activities, triggering vibrations, causing denial-of-service conditions, and fuzzing characteristic values to induce unexpected behavior. Additionally, the Frontier X mobile application lacks proper BLE device authentication, allowing attackers to impersonate a legitimate Frontier X2 device and connect to the application. By cloning BLE advertisements and exposing expected GATT characteristics, attackers can manipulate activity states and inject fabricated health telemetry such as breathing rate, heart rate, strain, and other health-related data into the mobile application.

Published: 2026-05-29 Last update: 2026-06-01 Assigner: [email protected] Source: [email protected]

NVD Status：Awaiting Analysis，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2026-5768 is rated Low Risk (38.3/100): CVSS High severity, with low exploitation likelihood (EPSS 0.03%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2026-5768

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-05-30	—	0.03%	—

Full EPSS history (1 record total)

Common vulnerability scoring system (CVSS) metrics for CVE-2026-5768

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
8.8	3.1	HIGH	`CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` Click to expand Attack vector (AV:A) Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	2.8	5.9	[email protected]

Weakness enumeration for CVE-2026-5768

CWE-306 MITRE ↗

GitHub Security Advisory for CVE-2026-5768

GHSA-frhh-w545-jjh2 · Severity: high — The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT...

Affected software / configurations for CVE-2026-5768

Vendor	Product	Version	Raw CPE
No affected products in dataset.

References for CVE-2026-5768

URL	Tags
https://fourthfrontier.com/pages/contact-us
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsma-26-148-01.json
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-148-01

cvelogic Threat Intelligence