Detections
Analytics

CVE-2024-45433

medium

Description

OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return control flow after detecting an unusual condition. An attacker can leverage this to bypass a security validation and make the incoming data be processed.

References

https://www.theregister.com/2025/07/13/infosec_in_brief/

https://thehackernews.com/2025/07/perfektblue-bluetooth-vulnerabilities.html

https://www.securityweek.com/millions-of-cars-exposed-to-remote-hacking-via-perfektblue-attack/

https://www.bleepingcomputer.com/news/security/perfektblue-bluetooth-flaws-impact-mercedes-volkswagen-skoda-cars/

https://pcacybersecurity.com/resources/advisory/perfekt-blue

https://www.opensynergy.com/

Details

Source: Mitre, NVD

Published: 2025-09-12

Updated: 2025-10-02

Named Vulnerability: PerfektBlue

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00037