CVE-2025-36911
HIGH
Android - Unauthenticated Information Disclosure via Key-Based Pairing Logic Error
Title source: llm
Exploitation Summary
EIP tracks 13 public exploits for CVE-2025-36911. PoCs published by zalexdev, SpectrixDev, KULeuven-COSIC.
AI-analyzed exploit summary: This repository contains a working proof-of-concept for CVE-2025-36911, a vulnerability in Google's Fast Pair protocol that allows unauthorized pairing and microphone access. The tool includes a BLE scanner, vulnerability tester, and exploit demonstration for authorized security testing.
Description
In key-based pairing, there is a possible information disclosure (ID) due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of a user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation.
Exploits (13)
This repository contains a working proof-of-concept for CVE-2025-36911, a vulnerability in Google's Fast Pair protocol that allows unauthorized pairing and microphone access. The tool includes a BLE scanner, vulnerability tester, and exploit demonstration for authorized security testing.
This repository contains a proof-of-concept toolkit for CVE-2025-36911, a vulnerability in Google Fast Pair that allows unauthorized pairing with Bluetooth devices. The toolkit includes scanning, verification, and information gathering capabilities to identify vulnerable devices.
This repository contains a functional exploit PoC for CVE-2025-36911, targeting vulnerabilities in the Google Fast Pair protocol. The code includes methods to test pairing state predicates, nonce reuse, and invalid curve attacks, demonstrating the ability to bypass security checks in Bluetooth pairing processes.
This repository contains a Python-based exploit for CVE-2025-36911, a vulnerability in Google Fast Pair implementations that allows unauthorized pairing to Bluetooth audio devices. The tool includes scanning, testing, and exploitation capabilities, leveraging BLE and GATT protocols to bypass pairing restrictions.
This PoC demonstrates an authentication bypass vulnerability (CVE-2025-36911) in devices supporting Fast Pair, allowing unauthorized pairing via a crafted KBP handshake. It includes hardware-specific implementation for ESP32 and detailed protocol exploitation steps.
This repository contains a Python-based scanner for CVE-2025-36911, which tests Bluetooth audio devices for unauthenticated L2CAP connections to audio profiles (A2DP/AVRCP) without prior pairing. It checks for open PSMs and Fast Pair service detection.
WhisperPair-PoC-Tool is a Python-based security research tool that exploits CVE-2025-36911, a vulnerability in Google's Fast Pair ecosystem allowing unauthorized pairing bypass and Find My Device Network tracking exploitation. The tool demonstrates passive and active checks for vulnerable Bluetooth accessories.
The repository contains a functional exploit framework for CVE-2025-36911, targeting Google's Fast Pair protocol via Bluetooth Low Energy (BLE). The code includes a terminal interface for scanning, exploiting, and interacting with vulnerable devices, with clear technical implementation details.
This repository contains a Python-based scanner and tester for CVE-2025-36911, a vulnerability in Google Fast Pair that allows unauthorized pairing and potential tracking via the Find Hub network. The tool scans for vulnerable Bluetooth accessories and tests them for the WhisperPair attack.
The repository contains a functional exploit framework for CVE-2025-36911, targeting Google's Fast Pair protocol via Bluetooth Low Energy. It includes interactive terminal interfaces for scanning, exploiting, and testing HFP connections, with clear technical implementation in Python.
This repository provides a README for a tool called WPair, which is described as a defensive security research tool to demonstrate the CVE-2025-36911 vulnerability in Google's Fast Pair protocol. The README includes installation instructions, system requirements, and usage guidelines but does not contain any exploit code or technical details about the vulnerability itself.
The repository claims to provide a tool for detecting CVE-2025-36911 but contains no actual exploit code or technical details. It directs users to external downloads, which is a common tactic for malicious or deceptive repositories.
This repository contains a passive Bluetooth Low Energy (BLE) scanner designed to detect devices potentially vulnerable to CVE-2025-36911 by identifying Google Fast Pair indicators. It does not exploit the vulnerability but scans for exposed devices using specific UUIDs and manufacturer IDs.
References (2)
Scores
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N