CVE-2025-63895: n/a
An issue in the Bluetooth firmware of JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted Link Manager Protocol (LMP) packet.
AI Analysis
Technical Summary
CVE-2025-63895 identifies a vulnerability in the Bluetooth firmware of the JXL 9 Inch Car Android Double Din Player, which operates on Android version 12.0. The flaw lies in the handling of Link Manager Protocol (LMP) packets, a fundamental component of Bluetooth communication responsible for link setup and management. An attacker can exploit this vulnerability by sending a crafted LMP packet to the device, causing a Denial of Service (DoS) condition. This DoS likely results in the Bluetooth firmware crashing or becoming unresponsive, thereby disrupting Bluetooth connectivity. Since the vulnerability is in the firmware layer, it affects the device's ability to maintain stable Bluetooth connections, which are critical for hands-free calling, media streaming, and other in-car functionalities. The exploit does not require prior authentication or user interaction, increasing the risk of remote exploitation, especially in environments where Bluetooth is exposed or discoverable. No CVSS score has been assigned yet, and no patches or known exploits are currently documented. The vulnerability was reserved in late October 2025 and published in December 2025, indicating recent discovery. The lack of patch links suggests that the vendor has not yet released a fix, emphasizing the need for vigilance and interim protective measures.
Potential Impact
The primary impact of CVE-2025-63895 is on the availability of Bluetooth services in affected car infotainment systems. For European organizations, especially those operating fleets or corporate vehicles equipped with the JXL 9 Inch Car Android Double Din Player, this could lead to operational disruptions such as loss of hands-free communication, navigation assistance, and media streaming capabilities. This may reduce driver safety and productivity, particularly in logistics, transportation, and field service sectors. Additionally, a persistent DoS condition could necessitate device resets or replacements, incurring maintenance costs. While confidentiality and integrity impacts are not evident, the disruption of Bluetooth connectivity can indirectly affect business continuity and user experience. The absence of known exploits reduces immediate risk, but the ease of exploitation and lack of authentication requirements mean attackers could target vehicles in public or semi-public spaces. The threat is more pronounced in environments where Bluetooth is actively used and exposed, such as corporate parking areas or service depots.
Mitigation Recommendations
1. Monitor the vendor’s official channels for firmware updates or patches addressing this vulnerability and apply them promptly once available.
2. Disable Bluetooth discoverability on the affected devices when not in use to reduce exposure to unsolicited LMP packets.
3. Implement network segmentation and physical security controls to limit unauthorized access to vehicle infotainment systems.
4. For fleet operators, consider deploying endpoint detection solutions capable of monitoring Bluetooth traffic anomalies indicative of crafted LMP packet attacks.
5. Educate drivers and users about minimizing Bluetooth usage in high-risk areas and reporting unusual device behavior.
6. If feasible, temporarily disable Bluetooth functionality in vehicles where it is not critical until a patch is released.
7. Collaborate with automotive cybersecurity experts to assess the risk and develop incident response plans tailored to connected vehicle environments.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-10-27T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 6939cd32c9771d4f433dddb5
Added to database: 12/10/2025, 7:42:42 PM
Last enriched: 12/10/2025, 7:57:51 PM
Last updated: 12/11/2025, 7:25:16 AM