Skip to main content

Parani M10 Motorcycle Intercom EUVDEUVD-2026-22071

| CVE-2026-31280 MEDIUM
Classic Buffer Overflow (CWE-120)
2026-04-13 mitre
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
May 10, 2026 - 21:22 vuln.today
CVSS changed
May 10, 2026 - 21:22 NVD
6.5 (MEDIUM)
EUVD ID Assigned
Apr 13, 2026 - 21:00 euvd
EUVD-2026-22071
CVE Published
Apr 13, 2026 - 00:00 nvd
N/A
CVE Published
Apr 13, 2026 - 00:00 nvd
MEDIUM 6.5

DescriptionCVE.org

An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service (DoS) via supplying crafted RFCOMM frames.

AnalysisAI

Denial of service in Parani M10 Motorcycle Intercom v2.1.3 via crafted Bluetooth RFCOMM frames allows unauthenticated attackers within wireless range to crash the device. The vulnerability exploits a buffer overflow in the RFCOMM service handler, causing high availability impact. A proof-of-concept exists but active exploitation has not been confirmed; EPSS score of 0.02% suggests limited real-world exploitation pressure despite the accessible attack vector.

Technical ContextAI

The Bluetooth RFCOMM (Radio Frequency Communication) protocol is a serial port emulation service layered atop the Bluetooth L2CAP protocol, commonly used in hands-free audio devices and intercoms for command and control channels. The Parani M10 implements RFCOMM to handle wireless communication between multiple intercom units. The vulnerability stems from CWE-120 (Buffer Copy without Checking Size of Input-'classic' buffer overflow), indicating that the RFCOMM frame parser does not properly validate the length of incoming frames before copying them into a fixed-size buffer. Malformed RFCOMM frames with oversized payloads trigger memory corruption, leading to device crash. The attack requires no authentication (CVSS PR:N) and no user interaction (UI:N), making exploitation straightforward for any attacker within Bluetooth range (AV:A-adjacent network).

RemediationAI

Contact Parani/Amoebatech for a patched firmware version; the CVE description and available references do not specify an exact fixed version number, preventing a definitive upgrade path from this analysis. Until a patch is available, mitigation relies on operational controls: disable or restrict Bluetooth RFCOMM services if not required for core intercom function (trade-off: loss of remote command capability or pairing flexibility), disable Bluetooth entirely in low-threat environments (trade-off: intercom becomes wired-only), or maintain physical isolation of intercom units from untrusted Bluetooth environments (trade-off: reduced mobility and multi-unit coordination). For motorcycle riders, recommend avoiding public or crowded venues where rogue Bluetooth attackers could operate. Monitor Amoebatech security advisories and VulDB/NVD for patch availability; subscribe to vendor security notifications if available. If a patched firmware version is released, apply it immediately via over-the-air update (if supported) or device firmware flash.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Share

EUVD-2026-22071 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy