exploitDog

CVE-2025-48705

Опубликовано: 20 июн. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in COROS PACE 3 through 3.0808.0. Due to a NULL pointer dereference vulnerability, sending a crafted BLE message forces the device to reboot.

Ссылки

https://syss.de
Third Party Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-027.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:yftech:coros_pace_3_firmware:*:*:*:*:*:*:*:*

Версия до 3.0808.0 (включая)

cpe:2.3:h:yftech:coros_pace_3:-:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00082

Низкий

7.5 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

GHSA-qggw-79c9-7rqv

CVSS3: 7.5

github

8 месяцев назад

An issue was discovered in COROS PACE 3 through 3.0808.0. Due to a NULL pointer dereference vulnerability, sending a crafted BLE message forces the device to reboot.

EPSS

Процентиль: 24%

0.00082

Низкий

7.5 High

CVSS3

Дефекты

CWE-476