CVE-2026-11535
Description
A missing or broken authentication check in vivo PcSuite (versions < 6.2.5) over Bluetooth can leak sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing or broken authentication check in vivo PcSuite (versions < 6.2.5) over Bluetooth can leak sensitive information.
Vulnerability
The authentication mechanism of a certain function in vivo PcSuite contains a defect that allows an unauthenticated attacker within Bluetooth range to access data that should be protected. The issue affects all PcSuite versions below 6.2.5 [1].
Exploitation
An attacker needs only to be within Bluetooth range of a device running a vulnerable version of PcSuite. No authentication or user interaction is required. The attacker can connect over Bluetooth and exploit the missing or broken authentication check to trigger the information leakage [1].
Impact
Successful exploitation results in the disclosure of confidential information from the device. The CVSS 3.1 Base Score is 8.1 (High) with the vector (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), indicating high confidentiality and integrity impact, but no availability impact [1].
Mitigation
PcSuite version 6.2.5 fixes the vulnerability. Users should update to this version or later via the official vivo website [1]. No temporary workaround is provided. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on Jun 12, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1News mentions
0No linked articles in our index yet.