← Back to CVEs
CVE-2025-14346
CRITICAL9.8
Description
WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluetooth connections. An attacker within range can pair with the device and issue movement commands, override speed restrictions, and manipulate configuration profiles without any credentials or user interaction.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published1/5/2026
Last Modified1/8/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-306
References
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-364-01(ics-cert@hq.dhs.gov)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.