CVE-2025-65828
BaseFortify
Publication date: 2025-12-10
Last updated on: 2025-12-30
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| meatmeet | meatmeet_pro_wifi_\&_bluetooth_meat_thermometer_firmware | 1.0.34.4 |
| meatmeet | meatmeet_pro_wifi_\&_bluetooth_meat_thermometer | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an unauthenticated attacker who is physically close to a Meatmeet device to send commands over Bluetooth Low Energy (BLE) that cause a Denial of Service. The attacker can issue commands such as shutdown, restart, or clear config. The clear config command disassociates the device from its user, requiring re-configuration to restore functionality.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker can disrupt the normal operation of the Meatmeet device by shutting it down, restarting it, or clearing its configuration. This results in the end user being unable to receive updates from the Meatmeet base station and cloud services until the device is fixed or turned back on, causing service interruption.