CVE-2025-44525

{"id": "CVE-2025-44525", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-07-09T17:15:30.703", "references": [{"url": "http://cc2652rb.com", "source": "cve@mitre.org"}, {"url": "http://texas.com", "source": "cve@mitre.org"}, {"url": "https://github.com/yangting111/BLE_TEST/blob/main/result/PoC/TI/Length_Req_MaxRxBytes.md", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet."}, {"lang": "es", "value": "Se descubri\u00f3 que Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 utilizaba comprobaciones de permisos insuficientes en campos cr\u00edticos dentro de los paquetes de datos Bluetooth de baja energ\u00eda (BLE). Este problema permite a los atacantes causar una denegaci\u00f3n de servicio (DoS) mediante un paquete LL_Length_Req manipulado."}], "lastModified": "2025-07-10T13:17:30.017", "sourceIdentifier": "cve@mitre.org"}