CISA Warns of Missing Authentication Flaw in Fourth Frontier Heart Monitors
CISA has issued an advisory for CVE-2026-5768, a critical missing-authentication vulnerability in Fourth Frontier Frontier X and Frontier X2 heart monitors that could allow attackers to manipulate clinical readings and cause patient harm.

CISA has published an advisory warning of a critical vulnerability in Fourth Frontier's Frontier X and Frontier X2 wearable heart monitors. Tracked as CVE-2026-5768 and carrying a CVSS score of 8.8, the flaw stems from missing authentication for critical functions in both the device firmware and the companion mobile application. The advisory highlights that successful exploitation could allow an attacker within Bluetooth Low Energy (BLE) range to take control of the device, alter clinical readings, and potentially cause patient harm.
The vulnerability affects the Frontier X Android application versions below 15.0.0, the Frontier X iOS application versions below 25.0.0, and all versions of the Frontier X2 device. According to the advisory, the Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This enables attackers within BLE range to control device functions without authorization, including starting or stopping activities, triggering vibrations, causing denial-of-service conditions, and fuzzing characteristic values to induce unexpected behavior.
Additionally, the Frontier X mobile application lacks proper BLE device authentication, allowing attackers to impersonate a legitimate Frontier X2 device and connect to the application. By cloning BLE advertisements and exposing expected GATT characteristics, attackers can manipulate activity states and inject fabricated health telemetry such as breathing rate, heart rate, strain, and other health-related data into the mobile application. This could lead to incorrect clinical decisions if healthcare providers rely on the tampered data.
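An added example, not taken from the advisory or from Fourth Frontier's code: a defender's audit of a GATT attribute table for the device-side condition described above, access paths that do not require authenticated pairing. The characteristic names and both tables are constructed for illustration, and the required level (authenticated pairing, LE Security Mode 1 Level 3) is an assumed policy.

```python
from dataclasses import dataclass
from enum import IntEnum

class SecLevel(IntEnum):
    """LE Security Mode 1 levels (Bluetooth Core Specification)."""
    NONE = 1        # no pairing, no encryption
    ENC_UNAUTH = 2  # encrypted, unauthenticated pairing (e.g. Just Works)
    ENC_AUTH = 3    # encrypted, authenticated (MITM-protected) pairing
    SC_AUTH = 4     # authenticated LE Secure Connections pairing

@dataclass(frozen=True)
class Characteristic:
    name: str                  # hypothetical label, not a vendor identifier
    properties: frozenset      # of "read", "write", "write_no_rsp", "notify", "indicate"
    read_level: SecLevel = SecLevel.NONE
    write_level: SecLevel = SecLevel.NONE
    cccd_write_level: SecLevel = SecLevel.NONE  # gates notify/indicate subscription

def audit(table, required=SecLevel.ENC_AUTH):
    """Return (name, operation, level) for every access path below `required`."""
    findings = []
    for c in table:
        if c.properties & {"write", "write_no_rsp"} and c.write_level < required:
            findings.append((c.name, "write", c.write_level.name))
        if "read" in c.properties and c.read_level < required:
            findings.append((c.name, "read", c.read_level.name))
        # Notifications start when the client writes the CCCD descriptor, so
        # that descriptor's write permission is what protects the data stream.
        if c.properties & {"notify", "indicate"} and c.cccd_write_level < required:
            findings.append((c.name, "subscribe", c.cccd_write_level.name))
    return findings

# Constructed sample tables; names and layout are illustrative only.
OPEN_TABLE = [
    Characteristic("activity_control", frozenset({"write"})),
    Characteristic("vibration", frozenset({"write_no_rsp"}), write_level=SecLevel.ENC_UNAUTH),
    Characteristic("heart_rate", frozenset({"read", "notify"}),
                   read_level=SecLevel.ENC_AUTH),
]
HARDENED_TABLE = [
    Characteristic("activity_control", frozenset({"write"}), write_level=SecLevel.SC_AUTH),
    Characteristic("vibration", frozenset({"write_no_rsp"}), write_level=SecLevel.ENC_AUTH),
    Characteristic("heart_rate", frozenset({"read", "notify"}),
                   read_level=SecLevel.ENC_AUTH, cccd_write_level=SecLevel.ENC_AUTH),
]

if __name__ == "__main__":
    for name, op, level in audit(OPEN_TABLE):
        print(f"FAIL {name}: {op} allowed at security level {level}")
    print("hardened findings:", audit(HARDENED_TABLE))
```

The third finding in the open table is the easy one to miss: the read permission is strict, but the subscription descriptor is not, so the same data is still reachable over notifications.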
The vulnerability was reported to CISA by researchers Shakir Zari and Jerin Sunny. Fourth Frontier is aware of the issue and is working on a fix. In the meantime, CISA recommends users contact Fourth Frontier directly for assistance and implement defensive measures such as minimizing network exposure for control system devices, using firewalls, and isolating medical device networks from business networks. The advisory notes that the vulnerability is not exploitable remotely and that no known public exploitation has been reported at this time.
This advisory is part of CISA's ongoing effort to secure medical devices in the healthcare and public health sector. The Frontier X and Frontier X2 are used worldwide, and the potential for patient harm underscores the importance of timely patching and robust authentication mechanisms in connected medical devices. Users are advised to ensure their mobile apps are updated to the latest versions and to follow best practices for BLE device security.