How severe is CVE-2025-12890?

CVE-2025-12890 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-12890

6.5MEDIUM

Improper handling of malformed Connection Request with the interval set to be 1 (which supposed to be illegal) and the chM 0x7CFFFFFFFF triggers a crash. The peripheral will not be connectable after

Publicado: 11/7/2025Actualizado: 11/12/2025

Descripción

Improper handling of malformed Connection Request with the interval set to be 1 (which supposed to be illegal) and the chM 0x7CFFFFFFFF triggers a crash. The peripheral will not be connectable after it.

Análisis IAImpulsado por IA

Referencias

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8hrf-pfww-83v9