Cyber Resilience

CVE-2025-45512

MediumPublic PoC

Published: 05 August 2025

Published
05 August 2025
Modified
02 October 2025
KEV Added
Patch
CVSS Score v3.1 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS Score 0.0055 68.5th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-45512 is a medium-severity Command Injection (CWE-77) vulnerability in Denx U-Boot. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Direct Volume Access (T1006); ranked in the top 31.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1006 Direct Volume Access Stealth
Adversaries may directly access a volume to bypass file access controls and file system monitoring.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1542.001 System Firmware Stealth
Adversaries may modify system firmware to persist on systems.
T1601.002 Downgrade System Image Defense Impairment
Adversaries may install an older version of the operating system of a network device to weaken security.
Why these techniques?

Lack of bootloader signature verification enables SPI flash manipulation for direct volume access (T1006), arbitrary code execution for privilege escalation (T1068), system firmware modification (T1542.001), and firmware downgrades (T1601.002).

Affected Assets

denx
u-boot
1.1.3

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References