You own an electric scooter Xiaomi Mi Electric Scooter? This report should definitely interest you, especially from the point of view of security against theft. The Slovak Trade Inspection Authority (SOI) has issued a safety notice for the type Xiaomi M365.
According to the available information, the weak point is security, specifically the misuse of the Anti-Theft function.
? NEWS: We have created a place where there should be no Xiaomi fan. join.
Statement of the Slovak Trade Inspection Authority (SOI)
The Slovak Trade Inspection Authority (hereinafter referred to as “SOI”), in cooperation with the National Security Office, tested on a sample of the product - an electric scooter XIAOMI model M365 its software security so-called "Cyber security", in particular:
a) possible misuse of the Anti-Theft function to block the scooter at rest to prevent it from starting,
b) possible misuse of the Anti-Theft function to block the scooter while riding and thus reduce its speed, resp. stop her completely
c) the possibility to install your own firmware and in its source code to modify specific constants to influence the operating parameters of the scooter
The Slovak Trade Inspection Authority has issued the following security warning:
"Test results have shown that using the Anti-Theft feature will actually block the scooter at rest and prevent it from starting. Possible misuse of the Anti-Theft function to block the scooter while riding and thus the possibility to reduce its speed, resp. to stop it completely has not been confirmed. However, using publicly available resources and applications, it is possible to install your own firmware on the device without the need for any authentication. The installation of modified firmware creates space for the execution of any code and a direct change of the operating parameters of the scooter. Improper handling of operating parameters can have negative effects on the service life of the equipment, can endanger the flow of road traffic or, in the case of targeted attacks, endanger the health of citizens.
Based on the above-mentioned XIAOMI model M365 scooter, the firmware version older than 1.5.1 poses a danger to the user himself as well as to other road users.
As part of its inspection activities, SOI carries out inspections of the Slovak market, the aim of which is to ensure that only XIAOMI model M365 electric scooters with firmware version 1.5.1 or higher are made available to the market.
SOI encourages consumers who own the product in question with a firmware version older than 1.5.1 to contact the seller from whom they purchased the product in question. The seller is obliged to eliminate the identified defect or otherwise the consumer has the right to withdraw from the contract.
At the same time, SOI appeals to economic operators who make the scooter available to verify that the products they make available do not have a firmware version older than 1.5.1. "
Update the firmware, consult the manufacturer
According to the inspection, there is a risk to health in the case of targeted attacks. It recommends it to all users software update for the mentioned version at least 1.5.1. The seller in Slovakia is also obliged to eliminate this deficiency, otherwise the buyer has the right to withdraw from the contract.
According to Tasr and portal zive.sk the first sellers in Slovakia have already responded to the notification of the trade inspection. Datart.sk and Hej.sk prompt customers to check the firmware version. If necessary, it is possible to contact the seller directly.
Both vendors also apologized to customers for complications.
Want more Xiaomi news? Subscribe to our newsletter.?