CVE-2026-49322 | Indian Motorcycle Scout Bobber and Tech 2025 Wireless Control weak authentication (EUVD-2026-33257)

A weak authentication vulnerability (CVE-2026-49322) in the Wireless Control Module of the 2025 Indian Motorcycle Scout Bobber + Tech allows an adjacent-network attacker who can read the in-vehicle network to recover the user-set unlock PIN from a single observed authentication exchange; the flaw uses a non-cryptographic response computation, no public exploit is available, and the issue was disclosed by Scott Sheahan on 2026-05-29.