CVE-2025-20700 · HIGH 8.8 · EPSS p90.7%

Description

In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access to critical data of the RACE protocol through the Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 4.72% probability of exploitation · percentile 90.7% · 2026-06-18T12:00:27Z
Published: 2025-08-04
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-306

References

  1. https://www.airoha.com/product-security-bulletin/2025

Type | Target | Confidence | Tier
Weakness | Missing Authentication for Critical Function (cwe-306) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: CVE-2025-20702
  2. CVE: CVE-2025-20701
  3. CVE: CVE-2025-0084
  4. CVE: CVE-2025-20680
  5. CVE: CVE-2026-0095
  6. CVE: CVE-2026-0097

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.