What is the CVSS score of CVE-2025-32876?

CVE-2025-32876 has a CVSS 3.1 base score of 6.8 (Medium). CVSS vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Coros Pace 3 Firmware are affected by CVE-2025-32876?

CVE-2025-32876 presents notable security risk, a missing authentication vulnerability rated CVSS 6.8. This could allow unauthorized access to protected resources.

Is there a public PoC exploit available for CVE-2025-32876?

Yes, a public proof-of-concept exploit is available for CVE-2025-32876. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2025-32876?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Audit authentication configurations.

Coros Pace 3 Firmware CVE-2025-32876

EUVD-2025-18749 MEDIUM

Missing Authentication for Critical Function (CWE-306)

2025-06-20 cve@mitre.org

Authentication Bypass Coros Pace 3 Firmware

6.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

6.8 MEDIUM

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 00:19 euvd

EUVD-2025-18749

Analysis Generated

Mar 15, 2026 - 00:19 vuln.today

PoC Detected

Jul 08, 2025 - 14:32 vuln.today

Public exploit code

CVE Published

Jun 20, 2025 - 14:15 nvd

MEDIUM 6.8

DescriptionCVE.org

An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key (STK) can be easily guessed. This requires knowledge of the Temporary Key (TK), which, in the case of the COROS Pace 3, is set to 0 due to the Just Works pairing method. An attacker within Bluetooth range can therefore perform sniffing attacks, allowing eavesdropping on the communication.

Analysis

Technical ContextAI

An authentication bypass vulnerability allows attackers to circumvent login mechanisms and gain unauthorized access without valid credentials. This vulnerability is classified as Missing Authentication for Critical Function (CWE-306).

RemediationAI

Implement robust authentication mechanisms. Use multi-factor authentication. Review authentication logic for bypass conditions. Remove default credentials.

CVE-2025-32876 vulnerability details – vuln.today

Back

Coros Pace 3 Firmware CVE-2025-32876

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code