7 matches found
EUVD-2025-18755
Malicious code in bioql PyPI...
CVE-2025-32875
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing...
CVE-2025-32875
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing...
CVE-2025-32875
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing...
CVE-2025-32875
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing...
PT-2025-26320 · Coros · Coros
Name of the Vulnerable Software and Affected Versions: COROS application versions 3.8.12 and earlier Description: The issue concerns the COROS application's handling of Bluetooth pairing and bonding. The application does not initiate or enforce pairing and bonding, and the watch also does not...
CVE-2025-32875
The CVE-2025-32875 entry concerns the COROS Android app (versions up to 3.8.12). The root issue is that Bluetooth pairing and bonding are neither initiated nor enforced by the app, and the watch also does not enforce them. Consequently, BLE data remains unencrypted, enabling attackers within Blue...