exploitDog

CVE-2025-10457

Опубликовано: 19 сент. 2025

Источник: nvd

CVSS3: 4.3

CVSS3: 8.1

EPSS Низкий

Описание

The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching.

Ссылки

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xqj6-vh76-2vv8
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*

Версия до 4.1.0 (включая)

EPSS

Процентиль: 14%

0.00046

Низкий

4.3 Medium

CVSS3

8.1 High

CVSS3

Дефекты

CWE-358

EPSS

Процентиль: 14%

0.00046

Низкий

4.3 Medium

CVSS3

8.1 High

CVSS3

Дефекты

CWE-358