diff --git a/2025/2xxx/CVE-2025-2121.json b/2025/2xxx/CVE-2025-2121.json index 6081804c4b8..9886ba60ebb 100644 --- a/2025/2xxx/CVE-2025-2121.json +++ b/2025/2xxx/CVE-2025-2121.json @@ -1,17 +1,118 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2121", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in Thinkware Car Dashcam F800 Pro bis 20250226 entdeckt. Betroffen hiervon ist ein unbekannter Ablauf der Komponente File Storage. Durch Beeinflussen mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Controls", + "cweId": "CWE-284" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Thinkware", + "product": { + "product_data": [ + { + "product_name": "Car Dashcam F800 Pro", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "20250226" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.299034", + "refsource": "MISC", + "name": "https://vuldb.com/?id.299034" + }, + { + "url": "https://vuldb.com/?ctiid.299034", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.299034" + }, + { + "url": "https://vuldb.com/?submit.507328", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.507328" + }, + { + "url": "https://github.com/geo-chen/Thinkware-Dashcam", + "refsource": "MISC", + "name": "https://github.com/geo-chen/Thinkware-Dashcam" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "geochen (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P" } ] }