CVE-2025-32900_CVE-2025-32900

4.3 / 10

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Description

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

Basic Information

ID CVE-2025-32900

Source mitre

Published Dec 5, 2025 at 00:00

Modified Dec 5, 2025 at 05:34

Affected Product

Vendor KDE

Product KDE Connect information-exchange protocol

Affected Versions KDE KDE Connect information-exchange protocol 0

CWE Classification

CWE-348

References

{
    "lastseen": "",
    "description": "In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.",
    "published": "2025-12-05T00:00:00.000Z",
    "modified": "2025-12-05T05:34:03.875Z",
    "type": "cve",
    "title": "CVE-2025-32900",
    "source": "mitre",
    "references": "https://kdeconnect.kde.org\nhttps://kde.org/info/security/advisory-20250418-2.txt",
    "id": "CVE-2025-32900",
    "bulletinFamily": "",
    "cwe": [
        "CWE-348"
    ],
    "cvelist": null,
    "sourceData": "KDE KDE Connect information-exchange protocol 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "KDE Connect information-exchange protocol",
    "version": "0",
    "vendor": "KDE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}