Insufficient Authentication Check for Bluetooth Connection for EQ-3/Eqiva CC-RTE-BLE/Bluetooth Smart Radiator Thermostat in Firmware 1.46 and Below
| CVE ID | CVE-2024-34268 |
| CVE Link | https://nvd.nist.gov/vuln/detail/CVE-2024-34268 |
| Vendor | EQ-3 / Eqiva |
| Affected Product & Version | ≤ 1.46 |
| Vulnerability Type | CWE-284 Improper Access Control |
| CVSS Base Score / CVSS Vector | NVD: Awaiting analysis; BDO: 7.1 High / CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L |
| Author | Clemens Keil |
| Date | 2026-05-27 |
CVE Details
Description:
Firmware of the EQ-3 (Eqiva) CC-RT-BLE Bluetooth Smart Radiator Thermostat up to and including version 1.46 was discovered to allow unsecured Bluetooth connections. Because no prior pairing is enforced for access to the thermostat's Bluetooth GATT characteristics, an attacker can gain full access to the device without authentication.
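What "no prior pairing is enforced" means at the attribute-permission level, as an added example that is not the vendor's firmware or code from this advisory: a small C model of a GATT server's write check, with an open characteristic beside one that requires an authenticated, encrypted link. The flag names, the `link` struct and `att_check_write` are hypothetical; the ATT error codes are those of the Bluetooth Core Specification.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* ATT error codes as defined in the Bluetooth Core Specification. */
#define ATT_OK                      0x00
#define ATT_ERR_WRITE_NOT_PERMITTED 0x03
#define ATT_ERR_INSUFFICIENT_AUTHN  0x05
#define ATT_ERR_INSUFFICIENT_ENC    0x0F

/* Hypothetical permission flags for this model (not the vendor's names). */
enum { PERM_WRITE = 1, PERM_WRITE_ENCRYPT = 2, PERM_WRITE_AUTHEN = 4 };

/* Security state of the link the write request arrived on. */
struct link {
    bool has_ltk;           /* a pairing produced a key for this peer */
    bool encrypted;         /* link encryption is currently active */
    bool authenticated_key; /* key came from a MITM-protected pairing */
};

/* Return the ATT result for a write to a characteristic with `perms`. */
uint8_t att_check_write(unsigned perms, const struct link *l)
{
    if (!(perms & (PERM_WRITE | PERM_WRITE_ENCRYPT | PERM_WRITE_AUTHEN)))
        return ATT_ERR_WRITE_NOT_PERMITTED;
    if ((perms & (PERM_WRITE_ENCRYPT | PERM_WRITE_AUTHEN)) && !l->encrypted)
        /* Never paired: ask for pairing. Paired: ask to start encryption. */
        return l->has_ltk ? ATT_ERR_INSUFFICIENT_ENC : ATT_ERR_INSUFFICIENT_AUTHN;
    if ((perms & PERM_WRITE_AUTHEN) && !l->authenticated_key)
        return ATT_ERR_INSUFFICIENT_AUTHN; /* unauthenticated key is too weak */
    return ATT_OK;
}

int main(void)
{
    /* Constructed link states: an unpaired peer and an authenticated bond. */
    struct link unpaired = { false, false, false };
    struct link bonded   = { true, true, true };
    unsigned open_perms     = PERM_WRITE;                     /* behaviour described above */
    unsigned hardened_perms = PERM_WRITE | PERM_WRITE_AUTHEN; /* one possible hardening */

    printf("open, unpaired:     0x%02X\n", att_check_write(open_perms, &unpaired));
    printf("hardened, unpaired: 0x%02X\n", att_check_write(hardened_perms, &unpaired));
    printf("hardened, bonded:   0x%02X\n", att_check_write(hardened_perms, &bonded));
    return 0;
}
```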
Remediation:
Install firmware version 1.48. This can be done using the manufacturer’s “calor BT” app.
References:
-
Timeline
2024-02-12: Vulnerability discovered and reported
2024-02-28: Manufacturer has confirmed the vulnerability
2024-04-29: CVE requested
2024-05-10: CVE ID assigned
2026-05-27: CVE published

