CVE-2025-32899

MEDIUM

KDE Connect < 1.33.0 - Unauthenticated Device Unpairing via Broadcast UDP Discovery Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-32899. PoCs published by randshell.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2025-32899, targeting KDE Connect via crafted UDP identity packets. The script demonstrates multiple attack vectors including device spoofing, DoS, and information leakage by manipulating device identity data.

Description

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP.

Exploits (1)

gitlab WORKING POC
by randshell · poc
https://gitlab.com/randshell/kde-connect-security-disclosure

This repository contains a functional exploit PoC for CVE-2025-32899, targeting KDE Connect via crafted UDP identity packets. The script demonstrates multiple attack vectors including device spoofing, DoS, and information leakage by manipulating device identity data.

Classification
Working Poc 95%
Attack Type
Dos | Info Leak | Other
Complexity
Moderate
Reliability
Reliable
Target: KDE Connect (versions 7 and 8)
No auth needed
Prerequisites: Network access to target device · Knowledge of target device IP and UID
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 4.3
EPSS 0.0016
EPSS Percentile 5.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-1250
Status published
Products (1)
KDE/KDEConnect < 1.33.0
Published Dec 05, 2025
Tracked Since Feb 18, 2026