{"id":86512,"date":"2026-02-20T15:20:22","date_gmt":"2026-02-20T15:20:22","guid":{"rendered":""},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-30T06:00:00","slug":"cve-2025-48705-critical-vulnerability-in-coros-pace-3-leads-to-forced-device-reboot","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-48705-critical-vulnerability-in-coros-pace-3-leads-to-forced-device-reboot\/","title":{"rendered":"CVE-2025-48705: Critical Vulnerability in COROS PACE 3 Leads to Forced Device Reboot<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

This report details a critical vulnerability, identified as CVE-2025-48705, found within COROS PACE 3 versions through 3.0808.0. The vulnerability, a NULL pointer dereference, can be exploited to force the device to reboot, potentially compromising the system and leading to data leakage. Given the severity of this vulnerability, it is essential that affected systems are patched as soon as possible.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-48705
\nSeverity: High (CVSS: 7.5)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Forced reboot of the device which could lead to system compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n