Severity: important Affected versions:
- Apache NimBLE through 1.8.0 Description: Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor. This issue affects Apache NimBLE: through 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue. Credit: Tommaso Sacchetti <[email protected]> (reporter) References: https://github.com/apache/mynewt-nimble/commit/41f67e391e788c5feef9030026cc5cbc5431838a https://mynewt.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-62235
