CVE-2025-56019

MEDIUM

Agasta Easytouch+ 9.3.97 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-56019. PoCs published by Yashodhanvivek.

AI-analyzed exploit summary: This repository contains a README file referencing CVE-2025-56019, which pertains to a BLE authentication vulnerability in the Agatsa EasyTouch+ product. The README directs users to download a report PDF, but no exploit code or technical details are provided.

Description

An insecure permission vulnerability exists in the Agasta Easytouch+ version 9.3.97. The device allows unauthorized mobile applications to connect via Bluetooth Low Energy (BLE) without authentication. Once an unauthorized connection is established, legitimate applications are unable to connect, causing a denial of service. The attack requires proximity to the device, making it exploitable from an adjacent network location.

Exploits (1)

nomisec WRITEUP
by Yashodhanvivek · poc
https://github.com/Yashodhanvivek/Agatsa-EasyTouch-Plus---CVE-2025-56019


Classification: Writeup 90%
Attack Type: Other
Complexity: Theoretical
Reliability: Theoretical
Target: Agatsa EasyTouch+ (version unspecified)
No auth needed
Prerequisites: Access to the repository to download the report PDF
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 6.5
EPSS 0.0031
EPSS Percentile 22.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE: CWE-277
Status published
Products (1)
agasta/easy_touch_plus_firmware 9.3.97
Published Oct 02, 2025
Tracked Since Feb 18, 2026