CVE-2025-32900

CVSS v3.1

4.3

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions KDE Connect versions prior to 1.33.0 Valent versions prior to 1.0.0.alpha.47 GSConnect versions prior to 59 KDE Connect (iOS) versions prior to 0.5 KDE Connect (desktop) versions prior to 25.04

Description A crafted packet can alter the displayed information about a device due to the use of broadcast UDP in the KDE Connect information-exchange protocol.

Recommendations Update KDE Connect to version 1.33.0 or later. Update Valent to version 1.0.0.alpha.47 or later. Update GSConnect to version 59 or later. Update KDE Connect (iOS) to version 0.5 or later. Update KDE Connect (desktop) to version 25.04 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-348

Related Identifiers

CVE-2025-32900

Affected Products

Debian

Gsconnect

Kdeconnect

Red Os

Valent

CVE-2025-32900

Weakness Enumeration

Related Identifiers

Affected Products

References · 12