CVE-2025-10456 HIGH

CVE-2025-10456: Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests

Vendor Zephyrproject-Rtos
Product Zephyr
Weakness CWE-190
Published September 19, 2025
Last update September 19, 2025

CVSS base score

7.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

What the vulnerability does

Description

A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth specification. This leads to undefined behavior, including potential assertion failures, crashes, or memory corruption, depending on the BLE stack implementation.

Key dates

Disclosure timeline

September 19, 2025 CVE published
September 19, 2025 Record updated