CVE-2025-32900

MEDIUM

KDE Connect <2025-04-18 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-32900. PoCs published by randshell.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2025-32900, targeting KDE Connect via crafted UDP identity packets. The script demonstrates multiple attack vectors including device spoofing, DoS, and information leakage by manipulating device identity data.

Description

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

Exploits (1)

gitlab WORKING POC
by randshell · poc
https://gitlab.com/randshell/kde-connect-security-disclosure

This repository contains a functional exploit PoC for CVE-2025-32900, targeting KDE Connect via crafted UDP identity packets. The script demonstrates multiple attack vectors including device spoofing, DoS, and information leakage by manipulating device identity data.

Classification
Working Poc 95%
Attack Type
Dos | Info Leak | Other
Complexity
Moderate
Reliability
Reliable
Target: KDE Connect (versions 7 and 8)
No auth needed
Prerequisites: Network access to target device · Knowledge of target device IP and UID
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 4.3
EPSS 0.0010
EPSS Percentile 1.2%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-348
Status published
Products (1)
KDE/KDE Connect information-exchange protocol < 2025-04-18
Published Dec 05, 2025
Tracked Since Feb 18, 2026