CVE-2025-32059
Published: 15 February 2026
Summary
CVE-2025-32059 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Blackhat (inferred from references). Its CVSS base score is 8.8 (High).
Operationally, ranked at the 29.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-32059 is a stack-based buffer overflow vulnerability (CWE-121) within the Bluetooth stack developed by Alps Alpine for the Infotainment ECU manufactured by Bosch. The issue stems from inadequate boundary validation of user-supplied data, triggering an overflow upon receipt of a specific packet over an established upper-layer L2CAP channel. It was first identified in the 2020 Nissan Leaf ZE1 model.
An attacker in adjacent physical proximity, such as within Bluetooth range, can exploit this with low attack complexity and no privileges or user interaction required. By transmitting a crafted packet on the L2CAP channel, they achieve remote code execution on the Infotainment ECU with root privileges, earning a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Advisories and related resources include a BlackHat Asia 2025 presentation detailing remote exploitation of the Nissan Leaf, a PCA Cybersecurity advisory on vulnerabilities in Bosch-manufactured Nissan infotainment systems, and the official Nissan Leaf vehicle page. Security practitioners should review these for guidance on mitigations and available patches.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-206904
Vulnerability details
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow…
more
when receiving a specific packet on the established upper layer L2CAP channel. An attacker can leverage this vulnerability to obtain remote code execution on the Infotainment ECU with root privileges. First identified on Nissan Leaf ZE1 manufactured in 2020.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Insufficient information to map techniques.CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses the lack of proper boundary validation of user-supplied data in Bluetooth L2CAP packets to prevent stack-based buffer overflows.
Implements memory protections such as stack canaries, ASLR, and DEP to mitigate exploitation of stack-based buffer overflows for remote code execution.
Establishes usage restrictions and authorizations for wireless access, limiting exposure to adjacent-proximity Bluetooth attacks on the Infotainment ECU.