Yftech Coros_pace_3_firmware

7 CVEs affecting Yftech Coros_pace_3_firmware. Latest disclosed: 2025-06-20. Critical: 4, High: 2.

Top CVEs affecting Yftech Coros_pace_3_firmware
CVESeverityScorePublishedSummary
CVE-2025-32880Critical9.82025-06-20An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. With WLAN access, the COROS Pace 3 d…
CVE-2025-32878Critical9.82025-06-20An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is mainly for download…
CVE-2025-32877Critical9.82025-06-20An issue was discovered on COROS PACE 3 devices through 3.0808.0. It identifies itself as a device without input or output capabilities, which results in the u…
CVE-2025-48706Critical9.12025-06-20An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bounds read vulnerability, sending a crafted BLE message forces the device to reboot.
CVE-2025-32879High8.82025-06-20An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no device is connected via Bluetooth. This allows an attacker to con…
CVE-2025-48705High7.52025-06-20An issue was discovered in COROS PACE 3 through 3.0808.0. Due to a NULL pointer dereference vulnerability, sending a crafted BLE message forces the device to r…
CVE-2025-32876Medium6.82025-06-20An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and ins…