Yftech Coros Pace 3 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Yftech Coros Pace 3 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2025-32880 — CVSS 9.8 (critical): An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. With WLAN…
CVE-2025-32877 — CVSS 9.8 (critical): An issue was discovered on COROS PACE 3 devices through 3.0808.0. It identifies itself as a device without input or output capabilities…
CVE-2025-32878 — CVSS 9.8 (critical): An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is…
CVE-2025-48706 — CVSS 9.1 (critical): An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bounds read vulnerability, sending a crafted BLE message forces…
CVE-2025-32879 — CVSS 8.8 (high): An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no device is connected via Bluetooth. This…
CVE-2025-48705 — CVSS 7.5 (high): An issue was discovered in COROS PACE 3 through 3.0808.0. Due to a NULL pointer dereference vulnerability, sending a crafted BLE message…
CVE-2025-32876 — CVSS 6.8 (medium): An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure…