The Frontier X2 device and its Android application suffer from a lack of BLE authentication controls, specifically CWE-306 (Missing Authentication for Critical Function). Attackers in BLE range can access and modify critical GATT characteristics without pairing or authorization, leading to unauthorized control of device functions and denial-of-service conditions. The Frontier X mobile app also fails to authenticate BLE devices, allowing attackers to impersonate legitimate devices by cloning BLE advertisements and exposing expected GATT characteristics. This enables injection of false health telemetry data such as breathing rate, heart rate, and strain into the app. The CVSS 3.1 score is 8.8 (high severity) with attack vector as adjacent network, low attack complexity, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. No patch or official remediation level is currently documented.

Attackers within BLE range can gain unauthorized control over Frontier X2 device functions, including starting and stopping activities, triggering vibrations, and causing denial-of-service. They can also manipulate health telemetry data shown in the Frontier X Android application by impersonating legitimate devices, potentially leading to false health information being recorded or displayed. This compromises confidentiality, integrity, and availability of device and application data.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should limit physical proximity of untrusted devices to the Frontier X2 device and monitor for suspicious BLE activity. Avoid pairing or connecting the mobile app to unknown or untrusted BLE devices. Follow vendor updates closely for any forthcoming patches or security advisories.