In 2025 researchers disclosed 937 new wireless CVEs — an average of 2.5 new vulnerabilities discovered every day, according to a report by Bastille Networks.
Scale of the surge in wireless vulnerabilities
The Bastille Networks report documents an unprecedented acceleration in wireless vulnerabilities. Wireless CVEs climbed from just 4 reported in 2010 to 937 in 2025, a growth trajectory the report characterizes as "20x faster than conventional threats over the last 15 years." Cumulative totals have doubled every 2–4 years since 2014, and the industry recorded two consecutive years of cumulative growth exceeding 25% in 2024 and 2025.
The combined effect is stark: a 60% increase in wireless vulnerabilities since the start of 2024, and a pace in 2025 that averages 2.5 disclosures per day. Those figures frame wireless exposures as one of the fastest‑moving categories of software and protocol weakness tracked by vulnerability databases in recent years.
Why traditional vulnerability management models miss wireless risk
Bastille's analysis highlights a structural mismatch between how many security programs measure and manage flaws and the realities of wireless technologies. Traditional vulnerability management models that rely on asset inventories, patch tracking, and IP‑based scanning fail to address wireless risks and exposure, the report says. In short, approaches built around IP endpoints and documented assets do not fully capture radio‑frequency protocols, out‑of‑band firmware, or devices that lack persistent IP addresses.
That failure means many of the new wireless CVEs disclosed in 2025 could escape detection or remediation workflows that are otherwise effective for conventional, IP‑centric software vulnerabilities.
Protocol breakdown: Wi‑Fi leads, followed by Bluetooth, cellular, Zigbee
The report identifies Wi‑Fi as the largest source of disclosed wireless vulnerabilities, accounting for over 60% of wireless CVEs in 2025. After Wi‑Fi, disclosures are led by Bluetooth, then cellular protocols, and Zigbee. That ordering underscores that widely deployed wireless protocols — not only niche IoT stacks — are contributing the majority of new exposures.
Concentration of disclosures in mainstream protocols amplifies enterprise impact because Wi‑Fi, Bluetooth and cellular are pervasive across corporate networks, user devices, and connected operational equipment.
Enterprise risk: two years of compounding growth and practical implications
The combined 60% increase since the start of 2024 and back‑to‑back years of >25% cumulative growth indicate that enterprises are facing a shifting baseline of exposure rather than a one‑time spike. As the report frames it, wireless vulnerabilities and exposures are accelerating at an unprecedented pace, with an average of 2.5 discovered per day in 2025 alone.
For organizations that measure risk by inventory and patch metrics tied to IP assets, that acceleration creates a widening blind spot: a growing body of CVEs tied to wireless protocols and implementations that sit outside conventional scanning and remediation pipelines.
What this means for technologists, procurement leaders, and security teams
- Technologists and security teams: Must assume that discovery rates for wireless CVEs will remain high and evaluate whether existing asset inventories and scanning tools capture protocol‑level exposures in Wi‑Fi, Bluetooth, cellular and Zigbee implementations.
- Procurement leaders and affected enterprises: Need to consider the prevalence of Wi‑Fi‑related disclosures — over 60% of wireless CVEs — when assessing device suppliers, firmware update practices, and contractual visibility into vulnerability disclosure and patching timelines.
- Security operations and risk officers: Face a compounding challenge as cumulative wireless vulnerability totals double every 2–4 years; resourcing and prioritization frameworks tied to historical CVE trends may require reassessment in light of the report’s rate of change.
The Bastille Networks report leaves a clear operational question for organizations: with wireless vulnerabilities growing far faster than conventional threats and traditional, IP‑centric vulnerability models described as insufficient, how will security programs detect and mitigate an expanding set of protocol and radio‑layer exposures? Answering that question will shape whether the 937 CVEs disclosed in 2025 become transient headline figures or persistent, exploitable risk within enterprise environments.
Read the original report: https://www.securitymagazine.com/articles/102270-2025-saw-a-surge-in-wireless-vulnerabilities
