Cyber Resilience

CVE-2025-69969

CriticalPublic PoC

Published: 04 March 2026

Published
04 March 2026
Modified
09 March 2026
KEV Added
Patch
CVSS Score v3.1 9.6 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0046 36.5th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-69969 is a critical-severity Missing Encryption of Sensitive Data (CWE-311) vulnerability in Pebblepower Pebble Prism Ultra Firmware. Its CVSS base score is 9.6 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 36.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-18 (Wireless Access) and SC-40 (Wireless Link Protection).

Deeper analysis

CVE-2025-69969 is a critical vulnerability in the Bluetooth Low Energy (BLE) communication protocol of the SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 device, published on 2026-03-04. It arises from a lack of authentication and authorization mechanisms, allowing attackers to reverse engineer the protocol and execute arbitrary commands without establishing a connection. The flaw also enables cleartext data interception and unauthenticated firmware hijacking via over-the-air (OTA) services. The vulnerability carries a CVSS v3.1 base score of 9.6 (AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) and maps to CWE-311 (Missing Authentication) and CWE-319 (Cleartext Transmission of Sensitive Information).

The attack requires adjacency over BLE proximity with no physical contact needed, low attack complexity, no privileges, and no user interaction. Any attacker in range can exploit it to execute arbitrary commands on the device, intercept sensitive data transmitted in cleartext, and perform unauthenticated firmware hijacking through OTA services, potentially leading to full device compromise with high impacts on confidentiality, integrity, and availability.

Mitigation guidance and further details are provided in the associated GitHub security advisory (GHSA-cp6q-87g8-mq77) and the BLEached-Security repository at https://github.com/mukundbhuva/BLEached-Security.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

A lack of authentication and authorization mechanisms in the Bluetooth Low Energy (BLE) communication protocol of SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 allows attackers to reverse engineer the protocol and execute arbitrary commands on the device without establishing…

more

a connection. This is exploitable over Bluetooth Low Energy (BLE) proximity (Adjacent), requiring no physical contact with the device. Furthermore, the vulnerability is not limited to arbitrary commands but includes cleartext data interception and unauthenticated firmware hijacking via OTA services.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
T1040 Network Sniffing Credential Access
Adversaries may passively sniff network traffic to capture information about an environment, including authentication material passed over the network.
Why these techniques?

Vulnerability enables unauthenticated exploitation of BLE remote service for arbitrary command execution and cleartext interception via proximity adjacency.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-67159Shared CWE-319
CVE-2025-13718Shared CWE-319
CVE-2026-30796Shared CWE-319
CVE-2024-36558Shared CWE-319
CVE-2026-30795Shared CWE-319
CVE-2026-23661Shared CWE-319
CVE-2025-70048Shared CWE-319
CVE-2025-1060Shared CWE-319
CVE-2025-0556Shared CWE-319
CVE-2024-44276Shared CWE-319

Affected Assets

pebblepower
pebble prism ultra firmware
≤ 2.5.8

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Mandates authorization, authentication, and encryption for wireless access, directly addressing the lack of authentication and authorization in the BLE protocol allowing arbitrary command execution.

prevent

Requires security safeguards to protect wireless links, mitigating cleartext data interception and unauthorized access over BLE proximity.

prevent

Enforces confidentiality and integrity protections for transmissions, countering cleartext interception and unauthenticated firmware hijacking via OTA services.

References