Buffer Overflow Vulnerability in Alpine iLX-507 Bluetooth Devices
CVE-2025-8475
7.4HIGH
What is CVE-2025-8475?
The vulnerability found in the Alpine iLX-507 arises from a flaw in the AVRCP protocol implementation, enabling network-adjacent attackers to exploit buffer overflow conditions. Specifically, it stems from inadequate validation of user-supplied data before it is copied to a fixed-length stack buffer. If a target device connects to a malicious Bluetooth device, an attacker might be able to execute arbitrary code with root privileges, leading to potential unauthorized access and manipulation of the device.
Affected Version(s)
iLX-507 6.0.000