Description
An unauthenticated attacker within proximity of the Meatmeet device can perform an unauthorized Over The Air (OTA) firmware upgrade using Bluetooth Low Energy (BLE), resulting in the firmware on the device being overwritten with the attacker's code. As the device does not perform checks on upgrades, this results in Remote Code Execution (RCE) and the victim losing complete access to the Meatmeet.
References (2)
Core 2
Core References
Third Party Advisory, Exploit
https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-remote-code-execution-md
Third Party Advisory, Exploit
https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Device/Remote-Code-Execution.md
Scores
CVSS v3
8.8
EPSS
0.0027
EPSS Percentile
50.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-306
Status
published
Products (1)
meatmeet/meatmeet_pro_wifi_\&_bluetooth_meat_thermometer_firmware
1.0.34.4
Published
Dec 10, 2025
Tracked Since
Feb 18, 2026