CVE-2025-52435

Source
https://cve.org/CVERecord?id=CVE-2025-52435
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-52435.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-52435
Published
2026-01-10T10:15:50.320Z
Modified
2026-03-15T22:51:20.496806Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
[none]
Details

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE.

Improper handling of the Pause Encryption procedure in the Link Layer leaves a previously encrypted connection in an unencrypted state, allowing an eavesdropper to observe the remainder of the exchange. This issue affects Apache NimBLE through 1.8.0.

Users are recommended to upgrade to version 1.9.0, which fixes the issue.

References

Affected packages

Git / github.com/apache/mynewt-nimble

Affected ranges

Type
GIT
Repo
https://github.com/apache/mynewt-nimble
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.0"
        }
    ]
}

Affected versions

Other
nimble_1_5_0_rc1_tag
nimble_1_5_0_tag
nimble_1_6_0_rc1_tag
nimble_1_6_0_tag
nimble_1_7_0_rc1_tag
nimble_1_7_0_tag
nimble_1_8_0_rc1_tag
nimble_1_8_0_tag

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-52435.json"
vanir_signatures
[
    {
        "id": "CVE-2025-52435-0e794488",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/apache/mynewt-nimble/commit/ec3d75e909fa6dcadf1836fefc4432794a673d18",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/src/ble_ll_conn_hci.c"
        }
    },
    {
        "id": "CVE-2025-52435-1a75dbfc",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/apache/mynewt-nimble/commit/164f1c23c18a290908df76ed83fe848bfe4a4903",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/src/ble_ll_ctrl.c"
        }
    },
    {
        "id": "CVE-2025-52435-29d9a719",
        "digest": {
            "function_hash": "181101585624593078135536339437813242064",
            "length": 950.0
        },
        "signature_type": "Function",
        "source": "https://github.com/apache/mynewt-nimble/commit/ec3d75e909fa6dcadf1836fefc4432794a673d18",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/src/ble_ll_conn_hci.c",
            "function": "ble_ll_conn_hci_le_ltk_neg_reply"
        }
    },
    {
        "id": "CVE-2025-52435-7840ea20",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/apache/mynewt-nimble/commit/ec3d75e909fa6dcadf1836fefc4432794a673d18",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/include/controller/ble_ll_conn.h"
        }
    },
    {
        "id": "CVE-2025-52435-84c168b3",
        "digest": {
            "function_hash": "5898247146755555885356429543895543421",
            "length": 2846.0
        },
        "signature_type": "Function",
        "source": "https://github.com/apache/mynewt-nimble/commit/164f1c23c18a290908df76ed83fe848bfe4a4903",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/src/ble_ll_conn.c",
            "function": "ble_ll_conn_rx_data_pdu"
        }
    },
    {
        "id": "CVE-2025-52435-cb37273d",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/apache/mynewt-nimble/commit/164f1c23c18a290908df76ed83fe848bfe4a4903",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/include/controller/ble_ll_ctrl.h"
        }
    },
    {
        "id": "CVE-2025-52435-dacb2926",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/apache/mynewt-nimble/commit/164f1c23c18a290908df76ed83fe848bfe4a4903",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/src/ble_ll_conn.c"
        }
    },
    {
        "id": "CVE-2025-52435-ee61074a",
        "digest": {
            "function_hash": "178861108771660932016133641299206772049",
            "length": 285.0
        },
        "signature_type": "Function",
        "source": "https://github.com/apache/mynewt-nimble/commit/164f1c23c18a290908df76ed83fe848bfe4a4903",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "nimble/controller/src/ble_ll_ctrl.c",
            "function": "ble_ll_ctrl_enc_allowed_pdu_rx"
        }
    }
]