CVE-2025-3885 – Harman Becker MGU21 Bluetooth Denial-of-Service Vulnerability

May 22, 2025

CVE ID : CVE-2025-3885

Published : May 22, 2025, 1:15 a.m. | 1 hour, 35 minutes ago

Description : Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Harman Becker MGU21 devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Bluetooth stack of the BCM89359 chipset. The issue results from the lack of proper validation of Bluetooth frames. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23942.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleGoogle DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Next Article CVE-2025-3883 – eCharge Hardy Barth cPH2 Remote Command Injection Vulnerability

Highlights

CVE-2023-53130 – Linux Kernel Block Device Exclusivity Leak

May 2, 2025

CVE ID : CVE-2023-53130

Published : May 2, 2025, 4:15 p.m. | 34 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

block: fix wrong mode for blkdev_put() from disk_scan_partitions()

If disk_scan_partitions() is called with ‘FMODE_EXCL’,
blkdev_get_by_dev() will be called without ‘FMODE_EXCL’, however, follow
blkdev_put() is still called with ‘FMODE_EXCL’, which will cause
‘bd_holders’ counter to leak.

Fix the problem by using the right mode for blkdev_put().

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Windows 11 is getting AI Actions in File Explorer — here’s how to try them right now

Is The Alters on Game Pass?

I asked Copilot’s AI to predict the outcome of the Europa League final, and now I’m just sad

Celebrating GAAD by Committing to Universal Design: Equitable Use

Celebrating GAAD by Committing to Universal Design: Equitable Use

GAAD and Universal Design in Healthcare – A Deeper Look

GAAD and Universal Design in Pharmacy – A Deeper Look

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Windows 11 is getting AI Actions in File Explorer — here’s how to try them right now

Is The Alters on Game Pass?

CVE-2025-3885 – Harman Becker MGU21 Bluetooth Denial-of-Service Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2024-9544 – MapSVG WordPress Stored Cross-Site Scripting Vulnerability

How To Write Test Cases For Footer

After skipping Xbox for 20 years, a major Japanese studio returns with the reveal of their latest RPG which looks like ‘Animal Crossing’ with multiplayer combat

Unexpected Kernel Mode Trap in Windows 11: Simple BSOD Fixes

Russian Star Blizzard is Now After Your WhatsApp Data

CVE-2023-53130 – Linux Kernel Block Device Exclusivity Leak

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

Advancing MLLM Alignment Through MM-RLHF: A Large-Scale Human Preference Dataset for Multimodal Tasks

Linux Networking Protocols: Understanding TCP/IP, UDP, and ICMP

CVE-2025-3885 – Harman Becker MGU21 Bluetooth Denial-of-Service Vulnerability

Related Posts