216.73.217.172

CVE-2025-41690

· Published 02/09/2025 08:15 · Modified 02/09/2025 08:15

Labels: CVE-2025-41690 2025-09-02CVE-2025-41690CWE-532[email protected]

Essential information

Published
02/09/2025 08:15
Modified
02/09/2025 08:15
Author
Creator
CVSS
7.4 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configuration settings and the ability to modify device parameters.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / bluetooth device cpe:2.3:a:*:bluetooth_device:*:*:*:*:*:*:*:*

References