CVE-2024-45434

Critical CVSS: 9.8

OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object (aka use after free). An attacker can leverage this to achieve remote code execution in the context of a user account under which the Bluetooth process runs.

Vendor

Opensynergy

Product

Blue Sdk

CWE

CWE-416

Yayın Tarihi

2025-09-12 17:15:46

Güncelleme

2025-10-02 20:00:43

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-416 Blue Sdk CRITICAL Opensynergy 2025

Referanslar

https://pcacybersecurity.com/resources/advisory/perfekt-blue https://www.opensynergy.com/ https://pcacybersecurity.com/resources/advisory/perfekt-blue

Benzer Kayıtlar

High

CVE-2024-45432

OpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK B…

Medium

CVE-2024-45433

OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the B…

Medium

CVE-2024-45431

OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Improper Input Validation. The specific flaw exists within the BlueSD…