Количество 3
Количество 3
CVE-2025-20700
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSA-2p7g-vp3j-4rrg
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
BDU:2026-01011
Уязвимость службы GATT Bluetooth-чипов TWS-наушников Airoha Technology, связанная с отсутствием аутентификации для критичной функции, позволяющая нарушителю обойти существующие ограничения безопасности
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-20700 In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
| GHSA-2p7g-vp3j-4rrg In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | BDU:2026-01011 Уязвимость службы GATT Bluetooth-чипов TWS-наушников Airoha Technology, связанная с отсутствием аутентификации для критичной функции, позволяющая нарушителю обойти существующие ограничения безопасности | CVSS3: 6.3 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу