NULL Pointer Dereference Vulnerability in Apache NimBLE Software
CVE-2025-53477

7.5HIGH

Key Information:

Vendor

Apache
Status
Apache Mynewt Nimble
Vendor
CVE Published:
10 January 2026

What is CVE-2025-53477?

A vulnerability exists in Apache NimBLE due to insufficient validation of HCI connection complete or HCI command TX buffers, potentially leading to a NULL pointer dereference. This can occur under specific conditions, such as with disabled asserts and during interactions with a malfunctioning Bluetooth controller. Users are strongly advised to upgrade to version 1.9.0 to mitigate the risk associated with this vulnerability.

Affected Version(s)

Apache Mynewt NimBLE 0 <= 1.8.0

References

https://github.com/apache/mynewt-nimble/commit/0caf9baeb2...
patch
https://github.com/apache/mynewt-nimble/commit/3160b8c4c7...
patch
https://lists.apache.org/thread/1dxthc132hwm2tzvjblrtnsch...
vendor-advisory

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

雷重庆 <leicq@seu.edu.cn>
JSON
.