Recently, during an internal IoT research project, we did a pentest of the Android and iOS Yunmai smart scale apps.
Below are the 5 vulnerabilities that we discovered, and we chained 3 of these (#2, #3 and #4) to achieve mass account takeover. All vulnerabilities have been responsibly disclosed to Yunmai.