How severe is CVE-2025-12890?

CVE-2025-12890 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-12890

6.5MEDIUM

Improper handling of malformed Connection Request with the interval set to be 1 (which supposed to be illegal) and the chM 0x7CFFFFFFFF triggers a crash. The peripheral will not be connectable after

Published: 11/7/2025Updated: 11/12/2025

Description

Improper handling of malformed Connection Request with the interval set to be 1 (which supposed to be illegal) and the chM 0x7CFFFFFFFF triggers a crash. The peripheral will not be connectable after it.

AI AnalysisPowered by AI

References

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8hrf-pfww-83v9