CVE-2025-32879

Published: Jun 20, 2025Modified: Jul 8, 2025

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no device is connected via Bluetooth. This allows an attacker to connect with the device via BLE if no other device is connected. While connected, none of the BLE services and characteristics of the device require any authentication or security level. Therefore, any characteristic, depending on their mode of operation (read/write/notify), can be used by the connected attacker. This allows, for example, configuring the device, sending notifications, resetting the device to factory settings, or installing software.

Affected (1)

Products: Yftech: Coros Pace 3 Firmware

1 product

Coros Pace 3 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Yftech Coros Pace 3 Firmware	Up to 3.0808.0

Running on/with	Platform Versions
Yftech Coros Pace 3	All versions

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (3)

https://support.coros.com/hc/en-us/articles/20087694119828-COROS-PACE-3-Release-Notes

Source: cve@mitre.org

Release Notes

https://syss.de

Source: cve@mitre.org

Third Party Advisory

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-026.txt

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.