CVE-2025-65824
Published: 10 December 2025
Summary
CVE-2025-65824 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Meatmeet Meatmeet Pro Wifi \& Bluetooth Meat Thermometer Firmware. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked in the top 49.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-18 (Wireless Access) and CM-14 (Signed Components).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires authorization, authentication, and encryption for wireless access, directly preventing unauthenticated BLE OTA firmware upgrades by proximity attackers.
Mandates integrity verification tools and techniques for firmware to block installation of unauthorized code and detect alterations post-upgrade.
Enforces use of signed firmware components with verification prior to installation, ensuring only authentic upgrades overwrite device firmware.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability enables exploitation of the unauthenticated OTA remote service over BLE (T1210) leading to RCE and firmware overwrite, effectively granting privilege escalation from no privileges to full device control (T1068).
NVD Description
An unauthenticated attacker within proximity of the Meatmeet device can perform an unauthorized Over The Air (OTA) firmware upgrade using Bluetooth Low Energy (BLE), resulting in the firmware on the device being overwritten with the attacker's code. As the device…
more
does not perform checks on upgrades, this results in Remote Code Execution (RCE) and the victim losing complete access to the Meatmeet.
Deeper analysisAI
CVE-2025-65824 affects the Meatmeet device, where an unauthenticated attacker within proximity can perform an unauthorized Over The Air (OTA) firmware upgrade via Bluetooth Low Energy (BLE). The device fails to perform any checks on incoming upgrades, allowing the firmware to be overwritten with attacker-supplied code. This vulnerability, linked to CWE-306 (Missing Authentication for Critical Function), has a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-12-10.
An adjacent attacker requires only physical proximity to the Meatmeet device, with low attack complexity, no privileges, and no user interaction. Successful exploitation results in remote code execution (RCE), complete firmware replacement, and the victim losing all access to the device.
References point to GitHub disclosures by researcher dead1nfluence, including a gist and repository documentation detailing the remote code execution vulnerability in the Meatmeet Pro device. No official advisories or patches are specified in the available information.
Details
- CWE(s)