Withings Body Smart
From Wiki-IoT
Classification
| Withings Body Smart | |
|---|---|
| Classification | |
| Grade | A |
| Calculator version | 1 |
| Classification date | 2025-10-11 |
| Information | |
| Name | Withings Body Smart Scale - Body Composition Analyzer |
| Brand by Parent | Withings by Withings SA |
| Generation | 2nd Generation |
| Model(s) | WBS07 |
| Release date | 2022-01-05 |
| Type/Category | Smart Health Scale / Body Analyzer |
| Website | [1] |
| Status | In sale |
| More | |
| Dimensions | 12.8 x 12.8 x 0.9 inches |
| Mass | 3.3 lbs (1.5 kg) |
| Operating system | Proprietary RTOS |
| Companion App | Withings Health Mate |
| CPU | ARM Cortex-M series microcontroller |
| GPU | N/A |
| Memory | 512KB SRAM |
| Storage | 4MB Flash |
| Battery | 4x AA batteries (18+ month lifespan) |
| Power | Battery |
| Charging | N/A |
| Display | LCD with LED backlight |
| Camera | N/A |
| Sound | N/A |
| Connectivity | Bluetooth Low Energy 5.0, Wi-Fi 802.11 b/g/n |
| Device | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Known hardware tampering | None | [2] | No known instances of physical hardware compromise |
| Known vulnerabilities | Rare | [3] | Occasional app-related security updates, no major device CVEs |
| Prior attacks | None | [4] | No documented attacks targeting this specific device model |
| Updatability | Very common | [5] | Firmware updates delivered via app when device syncs |
| Category score | 2 | ||
| System | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Authentication with other systems | Full | [6] | OAuth 2.0 for secure integration with Apple Health, Google Fit |
| Communications | Encrypted with up-to-date encryption | [7] | BLE communications encrypted, Wi-Fi data uses TLS 1.2+ |
| Storage | Encrypted with up-to-date encryption | [8] | Data encrypted at rest in Withings cloud (AES-256) |
| Category score | 1 | ||
| User Authentication | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Account management | Full | [9] | Multi-user recognition, guest access, family accounts |
| Authentication | Secure | [10] | Optional two-factor authentication, strong password requirements |
| Brute-force protection | Exist | [11] | Account lockout after multiple failed login attempts |
| Event logging | Access event logged | [12] | Complete measurement history and device access logs |
| Passwords | Require change after setup with complexity requirements | [13] | Strong password enforced during account creation |
| Category score | 1 | ||
| Grade | A |
|---|
