CVE Vulnerabilities

CVE-2025-44557

Incorrect Implementation of Authentication Algorithm

Published: Jun 27, 2025 | Modified: Jul 02, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

A state machine transition flaw in the Bluetooth Low Energy (BLE) stack of Cypress PSoC4 v3.66 allows attackers to bypass the pairing process and authentication via a crafted pairing_failed packet.

Weakness

The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

References