PT-2026-1813 · Apache · Apache Nimble

Published 2026-01-09 · Updated 2026-01-10 · CVE-2025-52435

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Apache NimBLE versions through 1.8.0

Description

A configuration issue exists where data transmission occurs without encryption. Specifically, improper handling of the Pause Encryption procedure on the Link Layer can result in a previously encrypted connection reverting to an unencrypted state, potentially allowing an eavesdropper to observe subsequent data exchange.

Recommendations

Upgrade to version 1.9.0.

Related Identifiers

CVE-2025-52435

Affected Products

Apache Nimble