CVE Catalog

CVE-2025-65828

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile - higher than 16% of all known CVEs

Summary

An unauthenticated attacker within BLE range can send shutdown, restart, or clear config commands to Meatmeet devices, causing denial of service. The device loses cloud connectivity until manually reconfigured or restarted.

Risk Assessment

The organization loses access to Meatmeet updates and the device becomes non-functional until manual recovery, potentially disrupting monitoring or automation systems.

Recommendation

Apply vendor patches immediately and restrict physical access to Meatmeet devices to prevent close-range attacks.

Original NVD description (English source)

An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy (BLE) to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from its user and would require re-configuration to re-enable the device. As a result, the end user would be unable to receive updates from the Meatmeet base station which communicates with the cloud services until the device had been fixed or turned back on.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS