CVE-2025-10456 — Integer Overflow or Wraparound in Zephyr

CWE-190 — Integer Overflow or Wraparound2 documents2 sources

Severity

6.5MEDIUMNVD

CNA7.1

EPSS

0.0%

top 93.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zephyrproject-rtos Zephyr Zephyrproject Zephyr

Timeline

PublishedSep 19

Description

A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth specification. This leads to undefined behavior, including potential assertion failures, crashes, or memory corruption, depending on the BLE stack implementation.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDzephyrproject/zephyr4.1.0

▶CVEListV5zephyrproject-rtos/zephyr* — 4.1.0

Patches

Patch: github.com ↗

🔴Vulnerability Details

CVEList

Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests↗2025-09-19

▶