The vulnerability identified as CVE-2025-69969 affects the Pebble Prism Ultra v2.9.2 device manufactured by SRK Powertech Pvt Ltd. The core issue is the lack of authentication and authorization in the device's Bluetooth Low Energy (BLE) communication protocol. This design flaw allows attackers within BLE range (adjacent proximity) to reverse engineer the BLE protocol used by the device and send arbitrary commands without needing to establish a formal connection or authenticate themselves. This means an attacker can remotely control the device's functions, intercept cleartext data transmitted over BLE, and perform unauthorized firmware updates via over-the-air (OTA) services. The absence of authentication in the OTA process is particularly dangerous, as it allows attackers to hijack the device firmware, potentially implanting persistent malware or backdoors. The vulnerability does not require physical contact or user interaction, making it easier to exploit in environments where the device is accessible via BLE. Although no specific affected versions are listed beyond v2.9.2, the vulnerability likely impacts all devices running this firmware version or earlier if the protocol design remains unchanged. No CVSS score has been assigned yet, but the vulnerability's characteristics indicate a high-risk threat vector. No known exploits are currently reported in the wild, but the potential for exploitation is significant given the ease of access and severity of impact.

This vulnerability poses a severe risk to organizations deploying Pebble Prism Ultra devices, especially in environments where BLE proximity cannot be tightly controlled. Attackers can gain unauthorized control over device functions, leading to potential operational disruptions, data leakage, and persistent compromise through firmware hijacking. Confidentiality is impacted due to cleartext data interception, allowing sensitive information to be exposed. Integrity is compromised as attackers can execute arbitrary commands and alter device firmware without detection. Availability may also be affected if attackers disrupt device operations or deploy malicious firmware. The lack of authentication and authorization mechanisms means that even unsophisticated attackers with BLE scanning tools can exploit the vulnerability. Critical sectors such as healthcare, industrial control, smart building management, and critical infrastructure that rely on these devices for monitoring or control are particularly vulnerable. The ability to hijack firmware over-the-air could facilitate long-term espionage or sabotage campaigns. The absence of known exploits in the wild currently provides a window for remediation, but the threat landscape could rapidly evolve once exploit code becomes publicly available.

Organizations should immediately assess the deployment of Pebble Prism Ultra devices and restrict BLE access to trusted environments only. Disable BLE functionality when not required to reduce the attack surface. Implement physical security controls to limit proximity-based attacks, such as securing areas where devices are installed. Monitor network and device logs for unusual BLE activity or unexpected firmware update attempts. Engage with SRK Powertech Pvt Ltd to obtain firmware updates or patches addressing the authentication and authorization flaws as soon as they become available. Until patches are released, consider deploying BLE intrusion detection systems or anomaly detection tools capable of identifying unauthorized BLE commands or firmware update attempts. For critical deployments, evaluate alternative devices with robust BLE security features. Educate staff on the risks of BLE vulnerabilities and enforce strict policies on device usage and maintenance. Regularly audit device firmware versions and configurations to ensure compliance with security best practices.