Vulnerability Details CVE-2025-32876
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key (STK) can be easily guessed. This requires knowledge of the Temporary Key (TK), which, in the case of the COROS Pace 3, is set to 0 due to the Just Works pairing method. An attacker within Bluetooth range can therefore perform sniffing attacks, allowing eavesdropping on the communication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2025-32876
-
cpe:2.3:h:yftech:coros_pace_3:-
-
cpe:2.3:o:yftech:coros_pace_3_firmware:*