CVE-2025-41657 | THREATINT

Description

Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.

PUBLISHED Reserved 2025-04-16 | Published 2025-06-10 | Updated 2025-06-10 | Assigner CERTVDE

MEDIUM: 4.3CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-207 Observable Behavioral Discrepancy With Equivalent Products

Product status

Default status

unaffected

01.01.2024 (semver) before 09.05.2025

affected

Default status

unaffected

01.01.2024 (semver) before 09.05.2025

affected

References

certvde.com/en/advisories/VDE-2025-047

cve.org (CVE-2025-41657)

nvd.nist.gov (CVE-2025-41657)

Download JSON

help @ threatint.eu