CVE-2025-32898

MEDIUM

KDE Connect <2025-04-18 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-32898. PoCs published by randshell.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2025-32898, targeting KDE Connect. The exploit demonstrates various attacks including device spoofing, DoS via identity packet flooding, and information leakage by manipulating UDP broadcast packets.

Description

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

Exploits (1)

gitlab WORKING POC
by randshell · poc
https://gitlab.com/randshell/kde-connect-security-disclosure

This repository contains a functional exploit PoC for CVE-2025-32898, targeting KDE Connect. The exploit demonstrates various attacks including device spoofing, DoS via identity packet flooding, and information leakage by manipulating UDP broadcast packets.

Classification
Working Poc 95%
Attack Type
Dos | Info Leak | Other
Complexity
Moderate
Reliability
Reliable
Target: KDE Connect (versions 7 and 8)
No auth needed
Prerequisites: Network access to target devices · Knowledge of target device IPs and UIDs
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 4.7
EPSS 0.0013
EPSS Percentile 2.9%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-331
Status published
Products (1)
KDE/KDE Connect verification-code protocol < 2025-04-18
Published Dec 05, 2025
Tracked Since Feb 18, 2026