CVE-2025-4321
BaseFortify
Publication date: 2025-11-17
Last updated on: 2025-11-17
Assigner: Silicon Graphics (SGI)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| silicon_labs | rs9116-wiseconnect_sdk | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
| CWE-240 | The product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Bluetooth devices using the RS9116-WiseConnect SDK. It causes a Denial of Service (DoS) when the device receives malformed L2CAP packets. The device becomes unresponsive and can only be restored to normal operation by performing a hard reset.
How can this vulnerability impact me? :
The impact of this vulnerability is a Denial of Service on affected Bluetooth devices, meaning the device will stop functioning properly until it is hard reset. This can disrupt device availability and functionality, potentially causing inconvenience or operational issues.
What immediate steps should I take to mitigate this vulnerability?
The device experiences a Denial of Service when it receives malformed L2CAP packets and only a hard reset will bring the device back to normal operation. Therefore, immediate mitigation steps include performing a hard reset on affected devices if they become unresponsive due to this issue.