Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7403

Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memory corruption.

Published

2025-09-19T06:15:35.960

Last Modified

2025-10-29T18:05:53.470

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.6 (HIGH)

Weaknesses

Type: Secondary
CWE-123

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zephyrproject	zephyr	≤ 4.1.0	Yes

References

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-9r46-cqqw-6j2j Patch, Vendor Advisory ([email protected])