CVE-2025-65828
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk16th percentile - higher than 16% of all known CVEs
Summary
An unauthenticated attacker within BLE range can send shutdown, restart, or clear config commands to Meatmeet devices, causing denial of service. The device loses cloud connectivity until manually reconfigured or restarted.
Risk Assessment
The organization loses access to Meatmeet updates and the device becomes non-functional until manual recovery, potentially disrupting monitoring or automation systems.
Recommendation
Apply vendor patches immediately and restrict physical access to Meatmeet devices to prevent close-range attacks.
Original NVD description (English source)
An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy (BLE) to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from its user and would require re-configuration to re-enable the device. As a result, the end user would be unable to receive updates from the Meatmeet base station which communicates with the cloud services until the device had been fixed or turned back on.

