CVE-2025-44528 is a vulnerability identified in the Texas Instruments LP-CC2652RB SimpleLink CC13XX and CC26XX SDK version 7.41.00.17. This SDK is commonly used in wireless microcontroller units (MCUs) that support Bluetooth Low Energy (BLE) and other low-power wireless protocols, often embedded in IoT devices and industrial applications. The vulnerability arises during the authentication and connection phase of the BLE communication, specifically when processing the LL_Pause_Enc_Req (Link Layer Pause Encryption Request) packet. An attacker can craft a malicious LL_Pause_Enc_Req packet and send it to the target device, causing the device to enter a Denial of Service (DoS) state. This DoS condition disrupts normal device operation by halting or crashing the communication stack, effectively preventing legitimate connections or data exchange. The vulnerability does not require prior authentication or user interaction, making it exploitable remotely by any attacker within radio range. No patches or fixes have been published at the time of this report, and no known exploits are currently observed in the wild. The lack of a CVSS score indicates that the vulnerability is newly disclosed and requires further assessment, but the technical details suggest a significant impact on availability of affected devices.

For European organizations, the impact of CVE-2025-44528 can be substantial, especially for sectors relying on IoT and wireless sensor networks, such as manufacturing, smart cities, healthcare, and critical infrastructure. Devices using the affected Texas Instruments SDK are often embedded in industrial control systems, building automation, and medical devices. A successful DoS attack could disrupt operational continuity, leading to downtime, loss of monitoring capabilities, or failure of safety-critical functions. Given the wireless nature of the exploit, attackers could cause localized outages without physical access, increasing the risk of targeted disruption. The confidentiality and integrity of data are not directly impacted by this vulnerability; however, the availability degradation can indirectly affect business processes and safety. The absence of known exploits in the wild suggests limited immediate risk, but the ease of exploitation and lack of authentication requirements mean that threat actors could develop attacks rapidly once the vulnerability is widely known.

1. Immediate mitigation should focus on network-level controls: restrict wireless access to trusted devices by implementing BLE whitelisting and signal range limitation to reduce exposure to unauthorized devices. 2. Monitor BLE traffic for anomalous LL_Pause_Enc_Req packets or unusual connection disruptions, employing intrusion detection systems tailored for wireless protocols. 3. Coordinate with Texas Instruments and device vendors to obtain firmware updates or patches as soon as they become available; prioritize updating devices in critical environments. 4. Where possible, implement device-level watchdog timers or fail-safe mechanisms to recover from DoS states automatically. 5. Conduct asset inventories to identify all devices using the affected SDK versions and segment them within the network to contain potential impact. 6. Educate operational technology (OT) and IoT security teams about this vulnerability to enhance incident response readiness.