CVE-2025-44525
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-09

Last updated on: 2025-07-10

Assigner: MITRE

Description
Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-09
Last Modified
2025-07-10
Generated
2026-05-07
AI Q&A
2025-07-09
EPSS Evaluated
2026-05-05
NVD
CVE-2025-44525
EUVD
EUVD-2025-20830
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
texas_instruments cc2652rb_launchpad *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK version 7.41.00.17, where insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets allow an attacker to send a specially crafted LL_Length_Req packet that causes a Denial of Service (DoS).


How can this vulnerability impact me? :

An attacker can exploit this vulnerability to cause a Denial of Service (DoS) on devices using the affected SDK, potentially disrupting Bluetooth Low Energy communications and rendering the device temporarily or permanently unresponsive to BLE connections.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart