ICE9 Security Advisory - ICE9-2019-001
--------------------------------------

Author: Mike Ryan <mike@ice9.us>
CVE: CVE-2018-9119
Full details: https://blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html
Date: 2018-04-04

Vendor: BrilliantTS
Product: FUZE Card
Versions affected: MCU firmware 0.1.73, BLE firmware 0.7.4
Risk: Medium
Remediation status: Unremediated, publicly exploitable

Description: FUZE Card is a Bluetooth-enabled credit card made by
BrilliantTS. ICE9 found that an attacker with physical access to the
card can bypass the lock screen and retrieve credit card numbers via
Bluetooth.

Categories: Improper access control, information disclosure

Recommendation: ICE9 recommends that customers maintain control of FUZE
Card at all times. Depending on individual risk profile, it may be
prudent to discontinue use of FUZE Card.

Disclosure timeline:

 - 2018-01-30 - Initial email to info@fuzecard.com and support@fuzecard.com
 - 2018-01-31 - Follow-up email sent
 - 2018-02-04 - Third follow-up sent
 - 2018-02-05 - Response received from BrilliantTS (FUZE tech support
                individual)
 - 2018-02-06 - Report sent to FUZE tech support individual
 - 2018-02-09 - Follow-up sent to FUZE tech support individual
 - 2018-02-13 - Final follow-up sent to FUZE tech support individual
 - 2018-03-22 - Disclosure period expired