Security researchers have demonstrated a critical vulnerability in high-tech electric wheelchairs that allows unauthorized remote control, highlighting new security risks for connected mobility devices.
On December 30, the US cybersecurity agency CISA published an advisory to inform the public about a critical vulnerability found by researchers in electric wheelchairs made by WHILL, a Japan-based company whose personal electric mobility devices are sold around the world.
According to CISA’s advisory, WHILL Model C2 and Model F electric wheelchairs are affected by a missing authentication vulnerability. The issue is tracked as CVE-2025-14346 and it has been assigned a critical severity rating.
CISA said the WHILL wheelchairs did not implement authentication for Bluetooth connections, allowing an attacker who is within Bluetooth range of the targeted device to pair with it. The attacker could then control the wheelchair’s movements, override speed restrictions, and manipulate configuration profiles, all without requiring credentials or user interaction.
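The following Python is an added illustration, not WHILL firmware, not QED’s exploit, and not a real Bluetooth stack API. It models the peripheral-side command handler that CISA’s description implies was missing: the vulnerable form honours a motion or profile write from any connected device, while the hardened form requires an authenticated, bonded link (GAP LE Security Mode 1, Level 3 or higher) and keeps the speed ceiling on the device side so a remote profile cannot raise it. The link states, peer addresses and the 6 km/h ceiling are constructed values for the example.

```python
"""Illustrative model of a BLE peripheral's command path (constructed example,
not WHILL's firmware and not a real BLE stack): a handler that accepts writes
from any central, beside one that gates on link security and clamps speed."""
from dataclasses import dataclass
from enum import IntEnum


class LinkSecurity(IntEnum):
    """GAP LE Security Mode 1 levels from the Bluetooth Core Specification."""
    NONE = 1                  # no encryption, no authentication
    UNAUTHENTICATED = 2       # encrypted, Just Works pairing (no MITM protection)
    AUTHENTICATED = 3         # encrypted, authenticated pairing (passkey / OOB)
    SECURE_CONNECTIONS = 4    # authenticated LE Secure Connections, 128-bit key


@dataclass(frozen=True)
class Link:
    """What the peripheral knows about one connected central."""
    peer: str
    security: LinkSecurity
    bonded: bool


HARDWARE_MAX_SPEED_KMH = 6.0   # constructed ceiling, not a WHILL specification value


@dataclass
class Chair:
    speed_limit_kmh: float = HARDWARE_MAX_SPEED_KMH
    velocity_kmh: float = 0.0


class UnauthenticatedController:
    """Vulnerable pattern: every write is honoured, whoever sent it."""

    def __init__(self, chair: Chair) -> None:
        self.chair = chair

    def set_profile(self, link: Link, speed_limit_kmh: float) -> bool:
        self.chair.speed_limit_kmh = speed_limit_kmh   # client-chosen limit wins
        return True

    def drive(self, link: Link, velocity_kmh: float) -> bool:
        self.chair.velocity_kmh = velocity_kmh          # no auth check, no cap
        return True


class AuthenticatedController:
    """Hardened pattern: require an authenticated bonded link, validate the
    profile, and never trust a requested velocity beyond the device ceiling."""

    REQUIRED = LinkSecurity.AUTHENTICATED

    def __init__(self, chair: Chair) -> None:
        self.chair = chair

    def _authorized(self, link: Link) -> bool:
        # Encryption alone (Level 2, Just Works) is not enough: the peer must
        # have completed authenticated pairing and be a stored bond.
        return link.bonded and link.security >= self.REQUIRED

    def set_profile(self, link: Link, speed_limit_kmh: float) -> bool:
        if not self._authorized(link):
            return False                                  # reject, state unchanged
        if not 0.0 < speed_limit_kmh <= HARDWARE_MAX_SPEED_KMH:
            return False                                  # profile outside hardware range
        self.chair.speed_limit_kmh = speed_limit_kmh
        return True

    def drive(self, link: Link, velocity_kmh: float) -> bool:
        if not self._authorized(link):
            return False
        limit = min(self.chair.speed_limit_kmh, HARDWARE_MAX_SPEED_KMH)
        # Clamp to the effective limit instead of trusting the requested value.
        self.chair.velocity_kmh = max(-limit, min(limit, velocity_kmh))
        return True


def run_scenario(controller_cls):
    """Replay one unauthenticated write sequence against a controller.
    Returns (profile_accepted, drive_accepted, speed_limit_kmh, velocity_kmh)."""
    chair = Chair()
    ctl = controller_cls(chair)
    # Constructed: an unpaired central that has only opened a plain connection.
    stranger = Link(peer="AA:BB:CC:DD:EE:FF", security=LinkSecurity.NONE, bonded=False)
    profile_ok = ctl.set_profile(stranger, speed_limit_kmh=25.0)
    drive_ok = ctl.drive(stranger, velocity_kmh=25.0)
    return profile_ok, drive_ok, chair.speed_limit_kmh, chair.velocity_kmh


if __name__ == "__main__":
    print("vulnerable:", run_scenario(UnauthenticatedController))
    print("hardened:  ", run_scenario(AuthenticatedController))
```

Running the two scenarios side by side shows the difference the advisory describes: the unauthenticated controller lets an unpaired peer raise the limit to 25 km/h and drive at it, whereas the hardened controller rejects both writes and leaves the chair stopped; even a bonded owner on an authenticated link cannot exceed the device ceiling.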
The flaw was discovered by a team from QED Secure Solutions, a research-driven cybersecurity firm that helps private and government organizations secure operational technology (OT) and other critical systems.
QED researchers have been demonstrating attacks with a potentially severe impact for many years. Nearly a decade ago, at the Black Hat conference, they showed how hackers could cause physical damage to vehicles and injure their occupants by remotely hacking a car wash.
QED co-founder Billy Rios told SecurityWeek that the vulnerability in WHILL wheelchairs was discovered during an annual hackathon organized by the company in 2025.
“We usually pick a technology, purchase it, travel to a central location, and then spend a week or two hacking it,” Rios, who is a well-known security researcher, explained.
During their experiments, QED researchers successfully gained physical control of the wheelchair, maneuvering the device using a keyboard and a game controller. By disabling built-in safety features, the researchers were able to operate the wheelchair at speeds exceeding its intended remote-control parameters.
To demonstrate a high-impact theoretical scenario, the team developed an exploit designed to automatically compromise any WHILL wheelchair within proximity. SecurityWeek reviewed a video demonstration of this exploit, which showed a wheelchair being remotely driven off a flight of stairs at high speed.
While an attacker must initially be within Bluetooth range to execute the exploit, Rios noted that it is theoretically possible to maintain control even after the device moves out of the original range. “We didn’t prove this, but it’s possible,” Rios said.
WHILL also has an autonomous wheelchair model, but Rios said they have yet to test it.
According to CISA’s advisory, WHILL issued a patch and deployed mitigations for several security issues in late December 2025. However, Rios stated that his team was not provided with the update, leaving them unable to verify whether it effectively prevents the documented attacks. It is unclear whether the patch is automatically deployed to devices or if users have to install it manually.
Rios pointed out that while the research was conducted “for fun”, the vulnerability raises serious questions about the security of WHILL products.
The vendor has received FDA clearance for its products, but the government agency is likely not aware that WHILL wheelchairs lacked essential protections, such as strong authentication and encryption, and firmware code signing, the researcher said.
“This is particularly troubling, given that we demonstrated clear patient-safety risks associated with their wheelchairs,” Rios said.
WHILL has not responded to SecurityWeek’s request for comment.
