How severe is CVE-2025-56019?

CVE-2025-56019 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-56019

Name: easy_touch_plus
Author: agasta

6.5MEDIUM

An insecure permission vulnerability exists in the Agasta Easytouch+ version 9.3.97 The device allows unauthorized mobile applications to connect via Bluetooth Low Energy (BLE) without authentication.

Published: 10/2/2025Updated: 10/27/2025

Description

An insecure permission vulnerability exists in the Agasta Easytouch+ version 9.3.97 The device allows unauthorized mobile applications to connect via Bluetooth Low Energy (BLE) without authentication. Once an unauthorized connection is established, legitimate applications are unable to connect, causing a denial of service. The attack requires proximity to the device, making it exploitable from an adjacent network location.

AI AnalysisPowered by AI

Affected Products

agastaeasy_touch_plus_firmware

9.3.97

agastaeasy_touch_plus

References

https://github.com/Yashodhanvivek/Agatsa-EasyTouch-Plus---CVE-2025-56019/blob/main/input.md
ExploitThird Party Advisory