← Retour aux CVEs
CVE-2024-45431
MEDIUM5.3
Description
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID (CID). An attacker can leverage this to create an L2CAP channel with the null identifier assigned as a remote CID.
Details CVE
Score CVSS v3.15.3
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie9/12/2025
Derniere modification10/2/2025
Sourcenvd
Observations honeypot0
Produits affectes
opensynergy:blue_sdk
Faiblesses (CWE)
CWE-20
References
https://pcacybersecurity.com/resources/advisory/perfekt-blue(cve@mitre.org)
https://www.opensynergy.com/(cve@mitre.org)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.