CVE-2026-52866

Summary

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection.

Affected Software

VendorProductVersion RangeStatus
Apollo PharmacyBlood Glucose Monitoring System (Model No. APG-01 BT)0x0110_v1.1.0affected

Weaknesses

  • CWE-862: CWE-862

Workarounds

Apollo Pharmacy did not respond to CISA's requests to coordinate. Users are encouraged to reach out to Apollo Pharmacy directly for more information: https://www.apollopharmacy.in/contact-us

CISA recommends users follow the guidance in the Understanding Bluetooth Technology blog:  https://www.cisa.gov/news-events/news/understanding-bluetooth-technology

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References