The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute.
Credits
Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability.
