CVE-2025-32061
Published: 15 February 2026
Summary
CVE-2025-32061 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Blackhat (inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 12.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the lack of proper boundary validation of user-supplied data in Bluetooth L2CAP packets to prevent stack-based buffer overflows.
Provides memory protections like stack canaries and address space layout randomization to mitigate exploitation of stack-based buffer overflows for RCE.
Requires identification, reporting, and correction of the specific buffer overflow flaw in the Bluetooth stack to eliminate the vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in Bluetooth L2CAP stack directly enables remote code execution (T1190) from adjacent network; results in root-level access on the ECU (T1068).
NVD Description
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow…
more
when receiving a specific packet on the established upper layer L2CAP channel. An attacker can leverage this vulnerability to obtain remote code execution on the Infotainment ECU with root privileges. First identified on Nissan Leaf ZE1 manufactured in 2020.
Deeper analysisAI
CVE-2025-32061, published on 2026-02-15, is a stack-based buffer overflow vulnerability (CWE-121) within the Bluetooth stack developed by Alps Alpine for the Infotainment ECU manufactured by Bosch. The issue stems from a lack of proper boundary validation of user-supplied data when processing a specific packet over an established upper-layer L2CAP channel. It was first identified in the 2020-manufactured Nissan Leaf ZE1 and has a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
An attacker in the adjacent network—within Bluetooth proximity—can exploit this vulnerability with low attack complexity, no privileges, and no user interaction required. Exploitation enables remote code execution on the Infotainment ECU with root privileges.
Advisories and technical details are documented in resources such as the PCA Cybersecurity advisory on vulnerabilities in Nissan infotainment systems manufactured by Bosch (https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch) and a Black Hat Asia 2025 presentation on remote exploitation of the Nissan Leaf (http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf). The affected Nissan Leaf model page is available at https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html.
Details
- CWE(s)