WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A)

Plan Patch
CVSS 9.8
ICS-CERT ICSMA-25-364-01
Dec 30, 2025
Energy
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

WHILL Model C2 electric wheelchairs and Model F power chairs contain a Bluetooth authentication bypass vulnerability (CWE-306, missing authentication for a critical function) that allows an attacker within Bluetooth range to take control of the device. All versions of both products are affected. WHILL has released firmware updates (HMI v2.24 for Model C2 and HMI v2.25 for Model F) that fix the issue by disabling the Bluetooth interface after installation, which removes the unauthenticated remote-control path.

What this means
What could happen
An attacker within Bluetooth range could remotely take control of the wheelchair or power chair, potentially stopping it, altering speed, or causing the user to lose mobility in an unsafe situation.
Who's at risk
Users of WHILL Model C2 electric wheelchairs and Model F power chairs. Anyone responsible for maintaining, deploying, or managing mobility-assist devices in medical facilities, long-term care settings, or personal use environments should be concerned about loss of device control and user safety.
How it could be exploited
An attacker within Bluetooth range sends commands to the unprotected Bluetooth interface on the device. The device accepts these commands without any authentication, so the attacker can manipulate motor control and movement parameters exactly as a legitimate controller would.
Prerequisites
  • Attacker must be within Bluetooth range (typically 10 to 100 meters depending on radio class and surroundings); although CVSS scores the attack vector as Network, there is no internet-facing path and the attacker must be physically nearby
  • No authentication is required to send commands
  • Bluetooth must be enabled on the device, which is the default state on unpatched firmware
Tags: remotely exploitable, no authentication required, low complexity, affects safety systems, Bluetooth range allows attack from nearby attacker
Exploitability
Unlikely to be exploited at scale — EPSS score 0.1%. Note that EPSS estimates the probability of exploitation being observed in the wild over the next 30 days and is driven largely by internet-exposed attack surface; it does not model a targeted proximity attack on a specific user, so a low score is not a reason to defer patching a mobility-safety device.
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
Model F Power Chair | All versions (vers:all/*) | HMI v2.25
Model C2 Electric Wheelchair | All versions (vers:all/*) | HMI v2.24
Remediation & Mitigation
Do now

WORKAROUND: Disable Bluetooth on the device when it is not in use or when it is in an untrusted environment. This only narrows the exposure window; it is not a substitute for the firmware update.

Schedule — requires maintenance window

Patching may require a device reboot; plan for the chair to be out of service for the duration of the update and perform it while the chair is stationary and not in use.

The fixed firmware disables the Bluetooth interface rather than adding authentication to it, so confirm beforehand whether any user or workflow depends on Bluetooth-based features; those features will stop working after the update. After updating, verify the installed HMI version on each unit meets the fixed version before returning it to service.

HOTFIX: Update Model C2 to HMI v2.24 or later
HOTFIX: Update Model F to HMI v2.25 or later
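For sites managing more than a handful of chairs, the "or later" in the fix versions is easy to get wrong when an inventory is sorted or compared as text ("2.3" sorts after "2.24" as a string but is older as a version). The script below is an added example, not code from WHILL or CISA: it reads a constructed CSV inventory (the asset_id, model and hmi_version columns are an assumption about your asset-tracking export) and buckets each chair as needing the update, already at or above the fixed version, or needing manual verification because the model or version string could not be matched.

```python
"""Fleet triage for ICSMA-25-364-01: flag WHILL chairs still running
vulnerable HMI firmware.

Added example, not WHILL's or CISA's code. Assumptions: an inventory
exported as CSV with columns asset_id,model,hmi_version (constructed
below; your CMMS/asset tool export may differ), and HMI version strings
of the form "HMI v2.24" or "v2.24" or "2.24".
"""
import csv
import io
import re
from typing import Dict, List, Optional, Tuple

# Fixed HMI versions from the advisory; anything older is vulnerable.
FIXED_VERSIONS: Dict[str, Tuple[int, int]] = {
    "Model C2": (2, 24),
    "Model F": (2, 25),
}

_VER_RE = re.compile(r"v?(\d+)\.(\d+)", re.IGNORECASE)


def parse_hmi_version(text: str) -> Optional[Tuple[int, int]]:
    """Turn 'HMI v2.24' into (2, 24); return None if unparseable.

    Versions are compared as integer tuples on purpose: compared as
    strings, '2.3' > '2.24', which would wrongly mark a v2.3 unit as
    already past the v2.24 fix.
    """
    m = _VER_RE.search(text or "")
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def needs_update(model: str, hmi_version: str) -> Optional[bool]:
    """True if the unit must be updated, False if it is at or above the
    fixed version, None if the model is unknown or the version string is
    unparseable (treat as 'verify by hand', never as 'patched')."""
    fixed = FIXED_VERSIONS.get(model)
    ver = parse_hmi_version(hmi_version)
    if fixed is None or ver is None:
        return None
    return ver < fixed


def triage(inventory_csv: str) -> Dict[str, List[str]]:
    """Bucket asset IDs into 'update', 'ok' and 'verify'."""
    buckets: Dict[str, List[str]] = {"update": [], "ok": [], "verify": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        result = needs_update(row["model"], row["hmi_version"])
        if result is None:
            buckets["verify"].append(row["asset_id"])
        elif result:
            buckets["update"].append(row["asset_id"])
        else:
            buckets["ok"].append(row["asset_id"])
    return buckets


# Constructed sample inventory, not real asset data.
SAMPLE_INVENTORY = """asset_id,model,hmi_version
WC-001,Model C2,HMI v2.23
WC-002,Model C2,HMI v2.24
WC-003,Model C2,HMI v2.3
WC-004,Model F,HMI v2.25
WC-005,Model F,v2.19
WC-006,Model F,unknown
WC-007,Model A,HMI v2.25
"""

if __name__ == "__main__":
    for bucket, ids in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(ids) or '-'}")
```

Anything that lands in the "verify" bucket (unknown model name or an unreadable version string) should be checked on the device rather than assumed patched; a defaulting-to-safe triage is the point of the three-way result.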