FKIE_CVE-2025-69969
Vulnerability from fkie_nvd - Published: 2026-03-04 17:16 - Updated: 2026-03-09 17:26
Summary
A lack of authentication and authorization mechanisms in the Bluetooth Low Energy (BLE) communication protocol of SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 allows attackers to reverse engineer the protocol and execute arbitrary commands on the device without establishing a connection. This is exploitable over Bluetooth Low Energy (BLE) proximity (Adjacent), requiring no physical contact with the device. Furthermore, the vulnerability is not limited to arbitrary commands but includes cleartext data interception and unauthenticated firmware hijacking via OTA services.
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | https://github.com/mukundbhuva/BLEached-Security | Exploit, Third Party Advisory |
| cve@mitre.org | https://github.com/mukundbhuva/BLEached-Security/security/advisories/GHSA-cp6q-87g8-mq77 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| pebblepower | pebble_prism_ultra_firmware | * |
| pebblepower | pebble_prism_ultra | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:pebblepower:pebble_prism_ultra_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95969418-0F7C-469B-B438-891AA89A9C57",
"versionEndExcluding": "2.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:pebblepower:pebble_prism_ultra:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0C5761-7D12-41A4-B1B5-2A54D708D86E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A lack of authentication and authorization mechanisms in the Bluetooth Low Energy (BLE) communication protocol of SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 allows attackers to reverse engineer the protocol and execute arbitrary commands on the device without establishing a connection. This is exploitable over Bluetooth Low Energy (BLE) proximity (Adjacent), requiring no physical contact with the device. Furthermore, the vulnerability is not limited to arbitrary commands but includes cleartext data interception and unauthenticated firmware hijacking via OTA services."
},
{
"lang": "es",
"value": "Una falta de mecanismos de autenticaci\u00f3n y autorizaci\u00f3n en el protocolo de comunicaci\u00f3n Bluetooth Low Energy (BLE) de SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 permite a los atacantes realizar ingenier\u00eda inversa del protocolo y ejecutar comandos arbitrarios en el dispositivo sin establecer una conexi\u00f3n. Esto es explotable a trav\u00e9s de la proximidad Bluetooth Low Energy (BLE) (Adyacente), sin requerir contacto f\u00edsico con el dispositivo. Adem\u00e1s, la vulnerabilidad no se limita a comandos arbitrarios, sino que incluye la interceptaci\u00f3n de datos en texto claro y el secuestro de firmware no autenticado a trav\u00e9s de servicios OTA."
}
],
"id": "CVE-2025-69969",
"lastModified": "2026-03-09T17:26:47.000",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-03-04T17:16:17.847",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mukundbhuva/BLEached-Security"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mukundbhuva/BLEached-Security/security/advisories/GHSA-cp6q-87g8-mq77"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-311"
},
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.