CVE-2025-41657: AUMA: Incorrect delivery status of the Bluetooth configuration

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-41657

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

AUMA: Incorrect delivery status of the Bluetooth configuration

Source: NVD (National Vulnerability Database)

Vulnerability Description

Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

通过外部行为不一致性导致的信息暴露

Source: NVD (National Vulnerability Database)

Vulnerability Title

AUMA PROFOX和AUMA AC1.2 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

AUMA PROFOX和AUMA AC1.2都是AUMA公司的产品。AUMA PROFOX是一个专业级实验室自动化系统，用于样本处理与液体工作站控制。AUMA AC1.2是一款自适应控制器。 AUMA PROFOX和AUMA AC1.2存在安全漏洞，该漏洞源于未记录的蓝牙堆栈，可能导致指纹识别。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Auma	AC1.2	01.01.2024 ~ 09.05.2025	-
Auma	PROFOX	01.01.2024 ~ 09.05.2025	-

II. Public POCs for CVE-2025-41657

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-41657

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: AC1.2

CVE-2025-3496
AUMA Riester: Buffer overflow in service telegram

V. Comments for CVE-2025-41657

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2025-41657

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-41657

III. Intelligence Information for CVE-2025-41657

IV. Related Vulnerabilities

V. Comments for CVE-2025-41657

Leave a comment