PT-2025-11050 · Bluetooth · Bluetooth

Published: 2025-03-01 · Updated: 2025-08-27 · CVE-2023-21125

CVSS v3.1: 8.0 (High)
Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Bluetooth (affected versions not specified)
Description: A memory corruption issue exists due to a use-after-free condition in the `btif_hh_hsdata_rpt_copy_cb` function within `bta_hh.cc`. This could allow for local privilege escalation over Bluetooth without requiring additional execution privileges or user interaction.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Use After Free

Weakness Enumeration

Related Identifiers

ASB-A-228837201
CVE-2023-21125

Affected Products

Bluetooth