Skip to main content

Jxl 9 Inch Car Android Double Din Player Firmware

2 CVEs product

Monthly

CVE-2025-63895 HIGH This Week

Denial of service in the Bluetooth firmware of the JXL 9-inch Car Android Double Din Player (Android v12.0) lets an attacker within Bluetooth range crash the head unit by sending a malformed Link Manager Protocol (LMP) packet. The flaw sits in the low-level Bluetooth baseband/link layer, so no pairing or user interaction is needed to disrupt availability of the in-vehicle infotainment system. There is no public exploit identified at time of analysis, and the EPSS probability is low (0.28%, 20th percentile), consistent with a niche automotive product rather than a mass-exploited target.

Denial Of Service Google Jxl 9 Inch Car Android Double Din Player Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-63896 HIGH POC This Week

An issue in the Bluetooth Human Interface Device (HID) of JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to inject arbitrary keystrokes via a spoofed Bluetooth HID device.

Authentication Bypass Google Jxl 9 Inch Car Android Double Din Player Firmware
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in the Bluetooth firmware of the JXL 9-inch Car Android Double Din Player (Android v12.0) lets an attacker within Bluetooth range crash the head unit by sending a malformed Link Manager Protocol (LMP) packet. The flaw sits in the low-level Bluetooth baseband/link layer, so no pairing or user interaction is needed to disrupt availability of the in-vehicle infotainment system. There is no public exploit identified at time of analysis, and the EPSS probability is low (0.28%, 20th percentile), consistent with a niche automotive product rather than a mass-exploited target.

Denial Of Service Google Jxl 9 Inch Car Android Double Din Player Firmware
NVD GitHub
EPSS 0% CVSS 7.6
HIGH POC This Week

An issue in the Bluetooth Human Interface Device (HID) of JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to inject arbitrary keystrokes via a spoofed Bluetooth HID device.

Authentication Bypass Google Jxl 9 Inch Car Android Double Din Player Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy