CVE-2025-44526
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk22th percentile - higher than 22% of all known CVEs
Summary
The Realtek RTL8762E SDK V1.4.0 was found to have insufficient permission checks on critical fields in Bluetooth Low Energy (BLE) data packets. This vulnerability allows an attacker to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.
Risk Assessment
An attacker can remotely crash a device using the vulnerable component, leading to disruption of IoT services or other systems relying on BLE connectivity.
Recommendation
Immediately update the RTL8762E SDK to the latest patched version. If no update is available, restrict BLE range and monitor for anomalous packets.
Original NVD description (English source)
Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet.

