CVE-2025-32875

{"id": "CVE-2025-32875", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2025-06-20T14:15:27.730", "references": [{"url": "https://support.coros.com/hc/en-us/categories/4416357319956-Software-Updates", "source": "cve@mitre.org"}, {"url": "https://syss.de", "source": "cve@mitre.org"}, {"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-025.txt", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-311"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing attackers within Bluetooth range to eavesdrop on the communication. Furthermore, even if a user manually initiates pairing and bonding in the Android settings, the application continues to transmit data without requiring the watch to be bonded. This fallback behavior enables attackers to exploit the communication, for example, by conducting an active machine-in-the-middle attack."}, {"lang": "es", "value": "Se detect\u00f3 un problema en la aplicaci\u00f3n COROS hasta la versi\u00f3n 3.8.12 para Android. El emparejamiento y la vinculaci\u00f3n Bluetooth no se inician ni se aplican por la propia aplicaci\u00f3n. Adem\u00e1s, el reloj no aplica el emparejamiento y la vinculaci\u00f3n. Como resultado, los datos transmitidos mediante BLE permanecen sin cifrar, lo que permite a los atacantes dentro del alcance de Bluetooth interceptar la comunicaci\u00f3n. Adem\u00e1s, incluso si un usuario inicia manualmente el emparejamiento y la vinculaci\u00f3n en la configuraci\u00f3n de Android, la aplicaci\u00f3n contin\u00faa transmitiendo datos sin necesidad de vincular el reloj. Este comportamiento de respaldo permite a los atacantes explotar la comunicaci\u00f3n, por ejemplo, mediante un ataque de m\u00e1quina en el medio (MAI)."}], "lastModified": "2025-06-23T20:16:40.143", "sourceIdentifier": "cve@mitre.org"}