CVE-2025-2345
CVE-2025-2345
Título es
CVE-2025-2345
Dom, 16/03/2025 – 19:15
Tipo
CWE-266
Gravedad v2.0
10.00
Gravedad 2.0 Txt
HIGH
Título en
CVE-2025-2345
Descripción en
A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
16/03/2025
16/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector CVSS:2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Gravedad 4.0
9.30
Gravedad 4.0 txt
CRITICAL
Gravedad 3.1 (CVSS 3.1 Base Score)
9.80
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
CRITICAL
Referencias
https://github.com/geo-chen/IROAD/blob/main/README.md#finding-5-managing-settings-to-obtain-sensitive-data-and-sabotaging-car-battery
https://vuldb.com/?ctiid_299811=
https://vuldb.com/?id_299811=
https://vuldb.com/?submit_516883=
Enviar en el boletín
Off
