CVE-2025-65828
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-65828, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-10

Last updated on: 2026-07-05

Assigner: MITRE

Description

An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy (BLE) to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from its user and would require re-configuration to re-enable the device. As a result, the end user would be unable to receive updates from the Meatmeet base station which communicates with the cloud services until the device had been fixed or turned back on.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-10
Last Modified
2026-07-05
Generated
2026-07-06
AI Q&A
2025-12-11
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
meatmeet meatmeet_pro_wifi_\&_bluetooth_meat_thermometer_firmware 1.0.34.4
meatmeet meatmeet_pro_wifi_\&_bluetooth_meat_thermometer *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows an unauthenticated attacker who is physically close to a Meatmeet device to send commands over Bluetooth Low Energy (BLE) that cause a Denial of Service. The attacker can issue commands such as shutdown, restart, or clear config. The clear config command disassociates the device from its user, requiring re-configuration to restore functionality.

Impact Analysis

The impact of this vulnerability is that an attacker can disrupt the normal operation of the Meatmeet device by shutting it down, restarting it, or clearing its configuration. This results in the end user being unable to receive updates from the Meatmeet base station and cloud services until the device is fixed or turned back on, causing service interruption.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65828. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart