exploitDog

CVE-2025-48706

Опубликовано: 20 июн. 2025

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bounds read vulnerability, sending a crafted BLE message forces the device to reboot.

Ссылки

https://syss.de
Third Party Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-028.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:yftech:coros_pace_3_firmware:*:*:*:*:*:*:*:*

Версия до 3.0808.0 (включая)

cpe:2.3:h:yftech:coros_pace_3:-:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00091

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-125

Связанные уязвимости

GHSA-p84v-7wxg-rrm9

CVSS3: 9.1

github

8 месяцев назад

An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bounds read vulnerability, sending a crafted BLE message forces the device to reboot.

EPSS

Процентиль: 26%

0.00091

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-125