Cyber Resilience

CVE-2025-2345

Critical

Published: 16 March 2025

Published
16 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0012 30.7th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-2345 is a critical-severity Incorrect Privilege Assignment (CWE-266) vulnerability. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 30.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-7 (Boundary Protection).

Deeper analysis

CVE-2025-2345 is a critical improper authorization vulnerability (classified under CWE-266 and CWE-285) found in IROAD Dash Cam X5 and Dash Cam X6 firmware versions up to 20250308. The issue affects an unspecified component within these dash cam devices, enabling manipulation that bypasses proper authorization controls. Published on 2025-03-16, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as very critical.

The vulnerability is remotely exploitable by unauthenticated attackers requiring low attack complexity and no user interaction. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, specifically allowing management of settings to obtain sensitive data and sabotage the car battery, as detailed in the associated GitHub findings.

Advisories from VulDB and the referenced GitHub repository indicate no vendor response despite early disclosure contact; thus, no official patches or mitigations are available. Security practitioners should isolate affected devices and monitor for unauthorized access until firmware updates are provided.

EU & UK References

Vulnerability details

A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. It is possible to initiate the attack…

more

remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

The remote improper authorization bypass in the network-accessible dash cam firmware directly enables exploitation of a public-facing application for initial access (T1190) and facilitates collection of sensitive data from the local system via unauthorized settings management (T1005).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-1226Shared CWE-266, CWE-285
CVE-2026-1597Shared CWE-266, CWE-285
CVE-2025-8756Shared CWE-266, CWE-285
CVE-2026-2105Shared CWE-266, CWE-285
CVE-2025-1815Shared CWE-266, CWE-285
CVE-2025-0484Shared CWE-266, CWE-285
CVE-2026-3724Shared CWE-266, CWE-285
CVE-2026-5642Shared CWE-266, CWE-285
CVE-2026-2896Shared CWE-266, CWE-285
CVE-2025-2359Shared CWE-266, CWE-285

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly counters the improper authorization vulnerability (CWE-285) by enforcing approved authorizations for logical access, preventing unauthenticated remote manipulation of dash cam settings and sensitive data.

prevent

Mitigates the remote (AV:N) exploitation vector by monitoring and controlling communications at network boundaries, blocking unauthorized access to vulnerable IROAD Dash Cam devices.

prevent

Limits damage from authorization bypass by applying least privilege, restricting unauthorized access to high-impact functions like sensitive data retrieval and car battery sabotage.

References