CVE-2025-56019
BaseFortify
Publication date: 2025-10-02
Last updated on: 2025-10-27
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| agasta | easy_touch_plus_firmware | 9.3.97 |
| agasta | easy_touch_plus | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-277 | A product defines a set of insecure permissions that are inherited by objects that are created by the program. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The vulnerability can impact you by allowing unauthorized mobile applications to connect to your Agasta Easytouch+ device without permission, which then prevents legitimate applications from connecting. This causes a denial of service, potentially disrupting normal device functionality and access.
Can you explain this vulnerability to me?
This vulnerability is an insecure permission issue in the Agasta Easytouch+ version 9.3.97 device. It allows unauthorized mobile applications to connect to the device via Bluetooth Low Energy (BLE) without requiring authentication. Once an unauthorized connection is made, legitimate applications cannot connect, resulting in a denial of service. The attack can only be performed from close physical proximity to the device.