CVE-2025-65828
Last modified
CVE-2025-65828 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy (BLE) to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. EPSS estimates a 0.27% chance of exploitation in the next 30 days.
Description
An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy (BLE) to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from its user and would require re-configuration to re-enable the device. As a result, the end user would be unable to receive updates from the Meatmeet base station which communicates with the cloud services until the device had been fixed or turned back on.
Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Meatmeet | Meatmeet Pro Wifi \& Bluetooth Meat Thermometer Firmware | 1.0.34.4 |
References
- http://meatmeet.comProduct
- https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-denial-of-service-ble-mdExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-65828?
How severe is CVE-2025-65828?
How do I fix CVE-2025-65828?
Are you affected by CVE-2025-65828?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST