CVE-2025-69822
Published: 22 January 2026
Summary
CVE-2025-69822 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Atomberg Erica Smart Fan Firmware. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Threat & Defense at a Glance
Threat & Defense Details
Likely Mitigating ControlsAI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Literacy training teaches users to recognize and avoid actions that result in unauthorized exposure of sensitive information.
Session auditing enables detection of unauthorized exposure or access to sensitive information during user activities.
Audit record review and analysis can detect unauthorized exposure or access to sensitive information.
Penetration testing simulates unauthorized access attempts, directly detecting and enabling remediation of improper access control weaknesses.
The integrated analysis team enables faster detection and containment of incidents involving unauthorized exposure of sensitive information, limiting attacker success in exploiting such weaknesses.
Architectures explicitly define requirements and mechanisms for access control to protect confidentiality, integrity, and availability.
Trained staff understand data-handling requirements and are less likely to expose sensitive information through misconfiguration or poor design.
Threat hunting directly searches for indicators of unauthorized access or control violations that bypassed preventive mechanisms.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability in device firmware directly enables unauthenticated remote exploitation over adjacent network (Wi-Fi deauth frames) leading to information disclosure and privilege escalation on the target.
NVD Description
An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame
Deeper analysisAI
CVE-2025-69822 is a vulnerability in the Atomberg Erica Smart Fan Firmware version V1.0.36. The issue enables an attacker to obtain sensitive information and escalate privileges through a crafted deauth frame. It is associated with CWEs including CWE-200 (Exposure of Sensitive Information), CWE-284 (Improper Access Control), CWE-287 (Improper Authentication), and CWE-294 (Injection). The vulnerability has a CVSS v3.1 base score of 7.4, rated as High severity, with vector AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H, indicating adjacent network access, low attack complexity, no privileges or user interaction required, changed scope, no confidentiality or integrity impact, but high availability impact.
An attacker within adjacent network range, such as Wi-Fi proximity, can exploit this by sending a crafted deauthentication frame to the affected smart fan firmware. No prior privileges or user interaction are needed, allowing unauthenticated exploitation. Successful attacks result in sensitive information disclosure and privilege escalation, alongside potential high-impact denial of service due to the availability rating.
References include a GitHub repository and security assessment report from CipherX1802 detailing the Atomberg Erica Smart Fan vulnerability, available at https://github.com/CipherX1802/CVE-2025-69822-Atomberg_Erica_SmatFan_Security_Assessment.git and https://github.com/CipherX1802/CVE-2025-69822-Atomberg_Erica_SmatFan_Security_Assessment/blob/main/Atomberg_Erica_SmatFan_Security_Assessment_Report.pdf. No official vendor advisories or patches are specified in available details.
Details
- CWE(s)