CVE-2025-24836

MEDIUM Year: 2025
CVSS v3 Score
7.1
High
Weakness Type
CWE-248
View all →

Vulnerability Description

With a specially crafted Python script, an attacker could send continuous startMeasurement commands over an unencrypted Bluetooth connection to the affected device. This would prevent the device from connecting to a clinician's app to take patient readings and ostensibly flood it with requests, resulting in a denial-of-service condition.

Related Vulnerabilities

CVE-2021-33145

HIGH
CVSS:7.2(High)

Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local a...

CWE-2482021

CVE-2024-20276

HIGH
CVSS:7.4(High)

A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability i...

CWE-2482024

CVE-2023-20628

MEDIUM
CVSS:6.7(Medium)

In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed...

CWE-2482023

CVE-2016-10363

HIGH
CVSS:7.5(High)

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logs...

CWE-2482016

CVE-2019-10931

HIGH
CVSS:7.5(High)

A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering softwa...

CWE-2482019

CVE-2019-6575

HIGH
CVSS:7.5(High)

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoo...

CWE-2482019