CVE-2025-14346: CWE-306 Missing Authentication for Critical Function in WHILL Model C2 Electric Wheelchair
WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluetooth connections. An attacker within range can pair with the device and issue movement commands, override speed restrictions, and manipulate configuration profiles without any credentials or user interaction.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2025-14346 affects the WHILL Model C2 Electric Wheelchair and Model F Power Chairs, which lack any authentication mechanism for Bluetooth connections. The flaw is categorized under CWE-306 (Missing Authentication for Critical Function): critical functions can be invoked without verifying the identity of the connecting party. Because Bluetooth pairing is unrestricted, an attacker within wireless range can connect to the wheelchair and issue arbitrary commands, including controlling movement direction, overriding the speed restrictions designed for safety, and modifying configuration profiles that affect device behavior. The vulnerability affects all versions of the affected models, indicating a systemic design flaw rather than a patchable bug in specific releases. The CVSS v3.1 base score of 9.8 reflects the ease of exploitation (no privileges or user interaction required), the network attack vector, and the severe consequences for confidentiality, integrity, and availability. An attacker can fully control the wheelchair, potentially causing physical harm to the user or others. No patches or firmware updates are currently available, and no exploits have been observed in the wild yet. The vulnerability was reserved in December 2025 and published in January 2026 by ICS-CERT, highlighting its relevance to industrial control and safety-critical devices. The issue underscores the risks of insufficient security design in assistive medical devices that rely on wireless communication.
Potential Impact
For European organizations, the impact of this vulnerability is significant, especially for healthcare providers, rehabilitation centers, assisted living facilities, and any institutions deploying WHILL Model C2 or Model F wheelchairs. Unauthorized control over wheelchairs can lead to physical injury to users or bystanders, liability issues, and loss of trust in assistive technologies. The confidentiality of user data may also be compromised if configuration profiles contain personal information. The integrity and availability of the wheelchair’s functions are directly threatened, potentially rendering the device unsafe or unusable. This could disrupt patient care and increase operational costs due to device recalls or replacements. Additionally, the reputational damage to healthcare providers and manufacturers could be severe. Given the critical nature of the vulnerability and the lack of authentication, attackers with minimal technical skill could exploit this threat if in proximity, making it a high-risk scenario in densely populated or clinical environments.
Mitigation Recommendations
Immediate mitigation requires WHILL to develop and distribute firmware updates that enforce strong authentication for Bluetooth connections, ideally using secure pairing methods such as passkey entry or out-of-band authentication. Until patches are available, organizations should apply strict physical security controls to limit attacker proximity, such as restricting wheelchair use to controlled environments and disabling Bluetooth when it is not in use, where the device allows it. Employing Bluetooth signal jamming or shielding in sensitive areas may reduce the attack surface. Training staff and users to recognize unusual wheelchair behavior and report incidents promptly is critical. Network segmentation and monitoring of Bluetooth traffic can help detect unauthorized pairing attempts. Procurement policies should prioritize devices with robust security features. Collaboration with WHILL on timely updates and vulnerability disclosure is essential. Finally, conducting risk assessments of all assistive devices that use wireless communication will help identify and mitigate similar vulnerabilities proactively.
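The recommendation above is that critical functions must be authenticated before they are honored. The following is an added illustration of that principle, written for this page and not WHILL's protocol or firmware: a small application-layer scheme in which a chair only executes commands from controllers enrolled with a shared key (assumed to be provisioned during a supervised setup, which is where a passkey or out-of-band pairing step would sit in a real design), binds each session to a fresh challenge nonce, and rejects forged, unauthenticated and replayed messages before they reach the motor layer. Command identifiers, controller names and the message layout are constructed for the example.

```python
"""Authenticate safety-critical commands before executing them.

Added example illustrating a CWE-306 mitigation pattern; not the WHILL
protocol. A chair holds keys for enrolled controllers, issues a per-session
challenge nonce, and accepts a command only when it carries a valid HMAC
over (nonce, counter, command, payload) and a strictly increasing counter.
"""
import hashlib
import hmac
import os
import struct

# Command codes are constructed for this example.
CMD_MOVE, CMD_SET_SPEED, CMD_SET_PROFILE = 0x01, 0x02, 0x03
TAG_LEN = 16


def command_tag(key: bytes, nonce: bytes, counter: int, cmd: int, payload: bytes) -> bytes:
    """HMAC-SHA256 tag binding a command to one session and one counter value."""
    msg = nonce + struct.pack(">IB", counter, cmd) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


class Chair:
    def __init__(self, enrolled_keys: dict):
        self.enrolled = dict(enrolled_keys)  # controller id -> shared key
        self.sessions = {}                   # controller id -> [nonce, last counter]
        self.log = []                        # audit trail of accepted/rejected commands

    def challenge(self, controller_id: str) -> bytes:
        """Start a session; unknown controllers never get a nonce."""
        if controller_id not in self.enrolled:
            raise PermissionError("controller not enrolled")
        nonce = os.urandom(16)
        self.sessions[controller_id] = [nonce, 0]
        return nonce

    def execute(self, controller_id: str, counter: int, cmd: int,
                payload: bytes, tag: bytes) -> bool:
        """Authenticate first; only then would the motor layer be called."""
        session = self.sessions.get(controller_id)
        if session is None:
            return self._reject("no session")
        nonce, last_counter = session
        expected = command_tag(self.enrolled[controller_id], nonce, counter, cmd, payload)
        if not hmac.compare_digest(expected, tag):
            return self._reject("bad tag")
        if counter <= last_counter:          # replay or reordering
            return self._reject("replay")
        session[1] = counter
        self.log.append(("ok", cmd, payload))
        return True

    def _reject(self, reason: str) -> bool:
        self.log.append(("rejected", reason))
        return False


class Controller:
    def __init__(self, controller_id: str, key: bytes):
        self.id, self.key, self.nonce, self.counter = controller_id, key, None, 0

    def start(self, chair: Chair) -> None:
        self.nonce = chair.challenge(self.id)
        self.counter = 0

    def build(self, cmd: int, payload: bytes = b"") -> tuple:
        """Produce one authenticated message (what would go over the air)."""
        self.counter += 1
        tag = command_tag(self.key, self.nonce, self.counter, cmd, payload)
        return (self.id, self.counter, cmd, payload, tag)


def demo() -> dict:
    """Exercise the four cases a reviewer would check; returns outcomes by name."""
    key = os.urandom(32)
    chair = Chair({"ctrl-A": key})
    legit = Controller("ctrl-A", key)
    legit.start(chair)

    msg = legit.build(CMD_MOVE, b"forward")
    results = {"legit": chair.execute(*msg)}
    # A device without the key cannot produce a valid tag.
    results["forged"] = chair.execute("ctrl-A", 2, CMD_SET_SPEED, b"max", b"\x00" * TAG_LEN)
    # Re-sending a captured legitimate message fails the counter check.
    results["replayed"] = chair.execute(*msg)
    # An unenrolled controller is refused a session at all.
    try:
        chair.challenge("unknown-device")
        results["unenrolled"] = True
    except PermissionError:
        results["unenrolled"] = False
    return results


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that the rejection happens in the command dispatcher, independent of the radio: even if the Bluetooth link itself is unauthenticated, as in this advisory, no movement, speed or profile command is acted on without a key only enrolled controllers hold, and the audit log gives operators the "unauthorized pairing attempt" signal the recommendations ask them to monitor for.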
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Belgium, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-12-09T14:54:28.374Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 695bde83b7d620313938fa7a
Added to database: 1/5/2026, 3:53:39 PM
Last enriched: 1/5/2026, 4:07:58 PM
Last updated: 1/7/2026, 10:10:43 AM