CVE-2025-69821
Published: 22 January 2026
Summary
CVE-2025-69821 is a high-severity Improper Resource Shutdown or Release (CWE-404) vulnerability in Beatxp Vega Smartwatch Firmware. Its CVSS base score is 7.4 (High).
Operationally, it ranks at the 3.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-40 (Wireless Link Protection) and SC-5 (Denial-of-service Protection).
Deeper analysis
CVE-2025-69821 is a vulnerability affecting the Beat XP VEGA Smartwatch on Firmware Version RB303ATV006229. The issue enables an attacker to trigger a denial of service condition through the Bluetooth Low Energy (BLE) connection and is associated with CWE-404. Published on 2026-01-22, it carries a CVSS v3.1 base score of 7.4, reflecting its potential severity.
Exploitation requires adjacent network access (AV:A), such as physical proximity to the device, with low attack complexity (AC:L), no privileges (PR:N), and no user interaction (UI:N). The attack has a changed scope (S:C) and results in high availability impact (A:H) with no confidentiality or integrity effects (C:N/I:N), allowing an unauthenticated nearby attacker to disrupt the smartwatch's functionality, potentially rendering it unresponsive.
References point to a GitHub repository and an accompanying PDF security assessment report on the Beat XP Vega Smartwatch, which likely detail the findings but do not specify official patches or mitigations in the provided information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-4128
Vulnerability details
An issue in Beat XP VEGA Smartwatch (Firmware Version - RB303ATV006229) allows an attacker to cause a denial of service via the BLE connection
- CWE(s): CWE-404 (Improper Resource Shutdown or Release)
Related Threats
MITRE ATT&CK Enterprise Techniques
Insufficient information to map techniques.
Mitigating Controls (NIST 800-53 r5)
Directly implements protections against denial-of-service conditions triggered over network connections such as BLE.
Applies cryptographic and integrity protections to wireless links (BLE) to block unauthenticated or malformed traffic that can cause DoS.
Restricts and monitors wireless network access, limiting exposure of the smartwatch BLE interface to adjacent attackers.