CVE-2026-52866

MEDIUM

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Missing Authorization

Title source: cna

Description

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection.

References (4)

Core 4

Core References

https://www.apollopharmacy.in/contact-us

https://www.cisa.gov/news-events/news/understanding-bluetooth-technology

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-169-01

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsma-26-169-01.json

View Writeup ZIP pw:eip

Scores

CVSS v3 6.5

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-862

Status published

Products (1)

Apollo Pharmacy/Blood Glucose Monitoring System (Model No. APG-01 BT) 0x0110_v1.1.0

Published Jun 19, 2026

Tracked Since Jun 19, 2026