CVE-2026-0842: Missing Authentication in Flycatcher Toys smART Sketcher
CVE-2026-0842 is a medium-severity vulnerability in Flycatcher Toys smART Sketcher version 2.0, specifically in its Bluetooth Low Energy (BLE) interface. The flaw is missing authentication: the BLE interface accepts connections and commands from any peer without verifying who it is talking to. The CVSS attack vector is Adjacent, which for BLE means the attacker only has to be within radio range of the toy; no user interaction, no privileges and no access to the owner's Wi-Fi or wired network are required. The vendor has not responded or issued a patch, and exploit code is publicly available. Confidentiality, integrity and availability are each affected to a limited extent, reflecting the radio-range constraint and the partial impact on data and device functions. European organizations using this device in schools or childcare centers may face unauthorized access to, or manipulation of, the toy. Because the weakness is in the BLE link itself, Wi-Fi security and network segmentation do not block it; mitigation centres on keeping the toy powered off (or its BLE radio disabled, if the product allows it) when not in use, controlling who can get within radio range, and watching for unexpected BLE connections. Countries with higher adoption of smart educational toys, such as Germany, France and the UK, are more likely to be affected. Given the medium CVSS score of 5.
AI Analysis
Technical Summary
CVE-2026-0842 identifies a security vulnerability in Flycatcher Toys smART Sketcher version 2.0, within its Bluetooth Low Energy (BLE) interface. The vulnerability stems from missing authentication controls: a BLE peer can connect to the toy and interact with its GATT interface without pairing, bonding or any other proof of identity. This could enable unauthorized commands or data manipulation, compromising the device's confidentiality, integrity and availability. The CVSS attack vector is Adjacent. For a BLE flaw that means the attacker must be within Bluetooth radio range of the toy (a few metres to a few tens of metres, more with a directional antenna); it does not mean the attacker needs to be on the same LAN, and being on the same wired or Wi-Fi network gives no advantage. Once in range, exploitation requires no user interaction, no privileges and no prior authentication. The vendor was notified early but has not responded or released a patch, and exploit code has been published publicly, which raises the likelihood of exploitation. The CVSS 4.0 base score is 5.3 (medium), reflecting low-to-moderate impact and the proximity requirement. The smART Sketcher is a smart toy used in home and educational settings. Missing authentication on its BLE interface could let an attacker drive the toy's functions or read data exchanged over BLE; since BLE is the control and data channel for such devices, this amounts to unauthorized control or data leakage. With no vendor fix, defensive measures fall to users and organizations, and, because the flaw sits below the IP layer, those measures have to be physical and radio-level rather than network-level. The public exploit code makes exploitation easier, while the range requirement rules out remote, Internet-scale attacks. Overall this is a moderate risk, concentrated in environments where untrusted people can get close to a powered-on device.
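The condition the record describes, "the BLE interface accepts operations without authentication", is something an auditor can confirm on their own unit before deciding whether to keep the toy in service. The script below is an added example; it is not Flycatcher Toys' code, VulDB's, or the published exploit. It takes a `gatttool --characteristics` style dump of the device's GATT table and the ATT status each characteristic returned when read or written over an unpaired, unencrypted link, and flags characteristics that accepted a write without the device ever demanding pairing. A device that enforces authentication answers such probes with ATT error 0x05 (insufficient authentication) or 0x0F (insufficient encryption); a device with this flaw answers with success. All handles, UUIDs and probe results in the block are constructed for illustration and are not the smART Sketcher's real GATT layout; how you obtain the dump and the probe statuses (gatttool, bluetoothctl, bleak, or a sniffer) is outside the example.

```python
"""
Added example (not Flycatcher Toys, VulDB or the published exploit code):
triage a BLE device for "missing authentication" the way CVE-2026-0842
describes it. Input is a `gatttool --characteristics` style dump plus the
ATT status each characteristic returned when probed over an UNPAIRED,
UNENCRYPTED link. A characteristic that accepts a write on such a link is
unauthenticated; one that answers "insufficient authentication/encryption"
is enforcing pairing. Handles, UUIDs and probe results below are constructed
for illustration and are not the smART Sketcher's real GATT layout.
"""
import re
from dataclasses import dataclass

# GATT characteristic property bits (Bluetooth Core Spec Vol 3, Part G, 3.3.1.1)
PROPS = {
    0x02: "read",
    0x04: "write-without-response",
    0x08: "write",
    0x10: "notify",
    0x20: "indicate",
    0x40: "authenticated-signed-write",
}
WRITE_BITS = 0x04 | 0x08

# ATT error codes that show the device checked link security (Vol 3, Part F, 3.4.1.1)
ATT_SECURITY_ERRORS = {
    0x05: "insufficient authentication",
    0x08: "insufficient authorization",
    0x0F: "insufficient encryption",
}
ATT_SUCCESS = 0x00

# Bluetooth SIG base UUID: 16-bit assigned numbers expand to 0000XXXX-<this suffix>
SIG_UUID_SUFFIX = "-0000-1000-8000-00805f9b34fb"

GATTTOOL_LINE = re.compile(
    r"handle = (0x[0-9a-f]+), char properties = (0x[0-9a-f]+), "
    r"char value handle = (0x[0-9a-f]+), uuid = ([0-9a-f-]+)",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Characteristic:
    decl_handle: int
    props: int
    value_handle: int
    uuid: str

    def prop_names(self):
        return [name for bit, name in PROPS.items() if self.props & bit]

    @property
    def writable(self):
        return bool(self.props & WRITE_BITS)

    @property
    def is_sig_standard(self):
        u = self.uuid.lower()
        return u.startswith("0000") and u.endswith(SIG_UUID_SUFFIX)


def parse_gatttool(dump: str):
    """Parse `gatttool -b <addr> --characteristics` output into Characteristic objects."""
    chars = []
    for line in dump.splitlines():
        m = GATTTOOL_LINE.search(line)
        if m:
            decl, props, value, uuid = m.groups()
            chars.append(Characteristic(int(decl, 16), int(props, 16), int(value, 16), uuid.lower()))
    return chars


def classify(char: Characteristic, att_status):
    """Verdict for one characteristic given the ATT status of an unpaired probe (None = not probed)."""
    if att_status is None:
        return "NOT_PROBED"
    if att_status in ATT_SECURITY_ERRORS:
        return "PROTECTED"                   # device demanded pairing/encryption: good
    if att_status != ATT_SUCCESS:
        return "OTHER_ATT_ERROR"             # e.g. 0x03 write not permitted
    if char.writable:
        return "UNAUTHENTICATED_WRITE"       # control accepted with no pairing: the CVE condition
    if char.is_sig_standard:
        return "OPEN_STANDARD_READ"          # e.g. Device Name; expected to be public
    return "UNAUTHENTICATED_VENDOR_READ"     # vendor data readable by anyone in range


def triage(dump: str, probe_results):
    """probe_results: {value_handle: ATT status byte} observed over an unpaired link."""
    report = []
    for c in parse_gatttool(dump):
        verdict = classify(c, probe_results.get(c.value_handle))
        report.append({"value_handle": c.value_handle, "uuid": c.uuid,
                       "props": c.prop_names(), "verdict": verdict})
    return report


# --- constructed sample data (illustration only, not the real device) ---
SAMPLE_DUMP = """\
handle = 0x0002, char properties = 0x02, char value handle = 0x0003, uuid = 00002a00-0000-1000-8000-00805f9b34fb
handle = 0x0010, char properties = 0x0c, char value handle = 0x0011, uuid = a1b2c3d4-0001-4000-8000-0000000000a1
handle = 0x0012, char properties = 0x10, char value handle = 0x0013, uuid = a1b2c3d4-0002-4000-8000-0000000000a2
handle = 0x0020, char properties = 0x08, char value handle = 0x0021, uuid = a1b2c3d4-0003-4000-8000-0000000000a3
"""
# ATT status per value handle when read/written over an unpaired link (constructed).
SAMPLE_PROBE = {0x0003: 0x00, 0x0011: 0x00, 0x0021: 0x05}

if __name__ == "__main__":
    for row in triage(SAMPLE_DUMP, SAMPLE_PROBE):
        print(f"0x{row['value_handle']:04x} {row['uuid']} {','.join(row['props']):<28} {row['verdict']}")
```

In the constructed sample the Device Name characteristic is readable by anyone, which is normal for that standard attribute, one vendor control characteristic is writable over the unpaired link (the finding the CVE describes), and another vendor characteristic correctly refuses with "insufficient authentication". A real audit should probe every readable or writable handle, not just a subset, and repeat the run after a factory reset, since some devices only enforce pairing once a bond exists.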
Potential Impact
For European organizations, particularly schools, childcare centers and households using the Flycatcher Toys smART Sketcher, this vulnerability poses a risk of unauthorized access to and control over the device. Potential impacts include unauthorized manipulation of the toy's functions, leakage of any data exchanged over BLE, and disruption of device availability. The attacker must be within Bluetooth range of a powered-on toy, so the exposed environments are those where untrusted people can get physically close: shared buildings, classrooms adjoining public areas, or anywhere a device is left switched on unattended. Whether the building's Wi-Fi is open or segmented makes no difference to this attack. Confidentiality could be compromised if the data the toy sends over BLE is sensitive, since an unauthenticated link is also an unencrypted one. Integrity is at risk because unauthenticated writes can alter device behavior. Availability could be affected if an attacker keeps the device busy or puts it into a bad state. The lack of vendor response and patch means the exposure window is open-ended. Although the impact is bounded by radio range, the public exploit code raises the likelihood of opportunistic attacks. Organizations with dense deployments of smart toys or other BLE devices in shared spaces face elevated risk. The flaw could also undermine trust in IoT devices used in educational settings, with reputational damage and regulatory scrutiny under GDPR if personal data is involved.
Mitigation Recommendations
1. Power it off when not in use: a BLE radio that is off is not reachable, and with no patch available this is the most reliable control. If the product offers a way to disable BLE while still using the toy, use it.
2. Control the radio footprint: use the device only in spaces where bystanders cannot get within Bluetooth range, and assume an attacker with a directional antenna reaches further than an ordinary phone does.
3. Monitor at the BLE layer: IP-network monitoring tools cannot see BLE, so watch for unexpected connections with a BLE sniffer or a Linux host running BlueZ tools such as btmon; expect randomized addresses on modern peers.
4. Keep network hygiene, but do not count on it for this CVE: strong Wi-Fi security (WPA3 where possible) and segmentation are good practice for any companion app or other connected equipment, but they do not block an attack on the toy's own BLE link.
5. Vendor engagement: keep asking Flycatcher Toys for a fix and track the CVE record for any update.
6. User awareness: tell staff and users that the toy should be switched off when not in use and that strangers within a few metres can interact with it.
7. Incident response: if suspicious behaviour is observed, power the device off, note the time and location, and check nearby BLE devices; there is no network to isolate it from.
8. Firmware and protocol auditing: if you have the capability, verify on your own unit whether the BLE interface ever demands pairing (LE Secure Connections with a passkey or out-of-band key) before accepting reads or writes, and look for further weaknesses.
9. Consider alternatives: evaluate replacing the device with products that require authenticated pairing and encrypted links before accepting commands.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-01-10T09:52:57.730Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69635e11da2266e83844dcd4
Added to database: 1/11/2026, 8:23:45 AM
Last enriched: 1/11/2026, 8:38:03 AM
Last updated: 1/11/2026, 5:32:54 PM
Related Threats
- CVE-2025-15506: Out-of-Bounds Read in AcademySoftwareFoundation OpenColorIO (Medium)
- YARA-X 1.11.0 Release: Hash Function Warnings (Sun, Jan 11th) (Medium)
- CVE-2026-0843: SQL Injection in jiujiujia jjjfood (Medium)
- CVE-2026-0841: Buffer Overflow in UTT 进取 520W (High)
- CVE-2026-0840: Buffer Overflow in UTT 进取 520W (High)