How severe is CVE-2025-10457?

CVE-2025-10457 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2025-10457

Name: zephyr
Author: zephyrproject

4.3MEDIUM

The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely

Опубликовано: 9/19/2025Обновлено: 10/29/2025

Описание

The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching.

ИИ-АнализНа базе ИИ

Затронутые продукты

zephyrprojectzephyr

Ссылки

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xqj6-vh76-2vv8
ExploitVendor Advisory