yangting111

7 exploits Active since Mar 2025
CVE-2024-53406 WRITEUP HIGH WRITEUP
Espressif ESP-IDF 5.3.0 - Authentication Bypass via Session Key Reuse
Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks.
CVSS 8.8
CVE-2025-44525 WRITEUP MEDIUM WRITEUP
Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7...
Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
CVSS 6.5
CVE-2025-44526 WRITEUP MEDIUM WRITEUP
Realtek RTL8762E SDK V1.4.0 - Denial of Service via BLE LL_Length_Req Packet
Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
CVSS 6.5
CVE-2025-44528 WRITEUP HIGH WRITEUP
Texas Instruments LP-CC2652RB SimpleLink CC13XX CC26XX SDK 7.41.00....
An issue in Texas Instruments LP-CC2652RB SimpleLink CC13XX CC26XX SDK 7.41.00.17 allows attackers to cause a Denial of Service (DoS) via sending a crafted LL_Pause_Enc_Req packet during the authentication and connection phase, causing a Denial of Service (DoS).
CVSS 7.5
CVE-2025-44531 WRITEUP HIGH WRITEUP
Realtek RTL8762E SDK v1.4.0 - Denial of Service via Crafted Pairing Random Before Public Key
An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted before a pairing public key is received during a Bluetooth connection attempt.
CVSS 7.5
CVE-2025-44557 WRITEUP HIGH WRITEUP
Cypress PSoC4 v3.66 - Authentication Bypass via Crafted Pairing Failed Packet
A state machine transition flaw in the Bluetooth Low Energy (BLE) stack of Cypress PSoC4 v3.66 allows attackers to bypass the pairing process and authentication via a crafted pairing_failed packet.
CVSS 8.1
CVE-2025-44559 WRITEUP MEDIUM WRITEUP
Realtek RTL8762E BLE SDK <1.4.0 - DoS
An issue in the Bluetooth Low Energy (BLE) stack of Realtek RTL8762E BLE SDK v1.4.0 allows attackers within Bluetooth range to cause a Denial of Service (DoS) via sending a specific sequence of crafted control packets.
CVSS 6.5