HBSA-2025-0003
Vulnerability from csaf_harmaninternational - Published: 2026-02-18 07:00 - Updated: 2026-02-18 07:00Summary
JBL: DoS vulnerability in Flip 4
Severity
Medium (6.5)
Notes
Summary: The Bluetooth Classic implementation on JBL Flip 4 devices with firmware version prior to 4.1.0 does not properly
handle malformed LMP messages and causes the entire device to crash. Any attacker in radio range can
exploit this vulnerability.
Impact: Any attacker in radio range can send malicious messages to cause the device to crash.
Mitigation: There is no known mitigation at this moment.
Remediation: The vulnerability is fixed in firmware version 4.1.0.
Product Description: The JBL Flip 4 is a portable bluetooth speaker.
Affected devices running firmware versions prior to 4.1.0 may crash and become unavailable when receiving specific malformed Bluetooth messages from an unauthenticated attacker.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
References
4 references
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Justus W. Perlwitz"
],
"organization": "JWP Consulting",
"summary": "reporting",
"urls": [
"https://www.jwpconsulting.net/"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"text": "Medium (6.5)"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "en-GB",
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The Bluetooth Classic implementation on JBL Flip 4 devices with firmware version prior to 4.1.0 does not properly\nhandle malformed LMP messages and causes the entire device to crash. Any attacker in radio range can\nexploit this vulnerability.",
"title": "Summary"
},
{
"audience": "all",
"category": "description",
"text": "Any attacker in radio range can send malicious messages to cause the device to crash.",
"title": "Impact"
},
{
"audience": "all",
"category": "description",
"text": "There is no known mitigation at this moment.",
"title": "Mitigation"
},
{
"audience": "all",
"category": "description",
"text": "The vulnerability is fixed in firmware version 4.1.0.",
"title": "Remediation"
},
{
"audience": "all",
"category": "description",
"text": "The JBL Flip 4 is a portable bluetooth speaker.",
"title": "Product Description"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productsecurity@harman.com",
"name": "Harman International",
"namespace": "https://www.harman.com"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Harman",
"url": "https://certvde.com/en/advisories/vendor/harmann/"
},
{
"category": "self",
"summary": "HBSA-2025-0003: JBL: DoS vulnerability in Flip 4 - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-090"
},
{
"category": "self",
"summary": "HBSA-2025-0003: JBL: DoS vulnerability in Flip 4 - CSAF",
"url": "https://harman.csaf-tp.certvde.com/.well-known/csaf/white/2026/hbsa-2025-0003.json"
},
{
"category": "external",
"summary": "Braktooth, a description of a family of security vulnerabilities in commercial BT stacks.",
"url": "https://asset-group.github.io/disclosures/braktooth/"
}
],
"title": "JBL: DoS vulnerability in Flip 4",
"tracking": {
"aliases": [
"VDE-2026-0001"
],
"current_release_date": "2026-02-18T07:00:00.000Z",
"generator": {
"date": "2026-02-12T14:20:52.263Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.42"
}
},
"id": "HBSA-2025-0003",
"initial_release_date": "2026-02-18T07:00:00.000Z",
"revision_history": [
{
"date": "2026-02-18T07:00:00.000Z",
"number": "1.0.0",
"summary": "Initial release."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Flip 4",
"product": {
"name": "JBL Flip 4",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"skus": [
"6925281924439",
"6925281924415",
"6925281924422",
"6925281924446",
"6925281924408",
"6925281924545",
"6925281922428",
"6925281922442",
"6925281922404",
"6925281922411",
"6925281922435",
"050036337366",
"050036337397",
"050036337380",
"050036337403",
"050036337373",
"050036336123",
"050036336116",
"050036336130",
"050036337441",
"050036336109",
"050036336147"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/\u003c4.1.0",
"product": {
"name": "JBL Flip 4 Firmware \u003c4.1.0",
"product_id": "CSAFPID-21001",
"product_identification_helper": {
"model_numbers": [
"Flip 4"
]
}
}
},
{
"category": "product_version",
"name": "4.1.0",
"product": {
"name": "JBL Flip 4 Firmware 4.1.0",
"product_id": "CSAFPID-22001",
"product_identification_helper": {
"model_numbers": [
"Flip 4"
]
}
}
}
],
"category": "product_name",
"name": "Flip 4 "
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "JBL"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "JBL Flip 4 Firmware \u003c4.1.0 installed on JBL Flip 4",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"skus": [
"6925281924439",
"6925281924415",
"6925281924422",
"6925281924446",
"6925281924408",
"6925281924545",
"6925281922428",
"6925281922442",
"6925281922404",
"6925281922411",
"6925281922435",
"050036337366",
"050036337397",
"050036337380",
"050036337403",
"050036337373",
"050036336123",
"050036336116",
"050036336130",
"050036337441",
"050036336109",
"050036336147"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "JBL Flip 4 Firmware 4.1.0 installed on JBL Flip 4",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"skus": [
"6925281924439",
"6925281924415",
"6925281924422",
"6925281924446",
"6925281924408",
"6925281924545",
"6925281922428",
"6925281922442",
"6925281922404",
"6925281922411",
"6925281922435",
"050036337366",
"050036337397",
"050036337380",
"050036337403",
"050036337373",
"050036336123",
"050036336116",
"050036336130",
"050036337441",
"050036336109",
"050036336147"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Justus W. Perlwitz"
],
"organization": "JWP Consulting GK",
"summary": "reporting",
"urls": [
"https://www.jwpconsulting.net/"
]
}
],
"cve": "CVE-2025-41725",
"cwe": {
"id": "CWE-923",
"name": "Improper Restriction of Communication Channel to Intended Endpoints"
},
"discovery_date": "2025-05-22T10:00:00.000Z",
"notes": [
{
"audience": "all",
"category": "description",
"text": "Affected devices running firmware versions prior to 4.1.0 may crash and become unavailable when receiving specific malformed Bluetooth messages from an unauthenticated attacker.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"release_date": "2026-02-13T11:00:00.000Z",
"remediations": [
{
"category": "vendor_fix",
"details": "Update JBL Flip 4 firmware to version 4.1.0 to remediate the issue.",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "DoS vulnerability in JBL Flip 4"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…