CVE-2025-2121
Published: 09 March 2025
Description
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Security Summary
CVE-2025-2121 is a vulnerability classified as critical in Thinkware Car Dashcam F800 Pro versions up to 20250226, affecting an unknown function within the File Storage component. The issue stems from improper access controls (mapped to CWE-266 and CWE-284), allowing manipulation that bypasses intended restrictions. It carries a CVSS v3.1 base score of 6.3 (AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating medium severity despite the critical classification in advisories.
Attackers on the adjacent local network (AV:A) can exploit this without privileges (PR:N) or user interaction (UI:N), requiring low complexity (AC:L). Successful exploitation grants low-level impacts on confidentiality, integrity, and availability (C:L/I:L/A:L) of the file storage, potentially allowing unauthorized read, modification, or disruption of stored data. No privileges or scope changes are needed, making it feasible for nearby adversaries with network access, such as in parking lots or garages.
VulDB advisories detail the issue and note that the vendor was contacted early but provided no response, with no patches or official mitigations mentioned. The exploit has been publicly disclosed via a GitHub repository (geo-chen/Thinkware-Dashcam), increasing the risk of use by attackers. Security practitioners should isolate dashcam devices from untrusted networks and monitor for firmware updates, though none are confirmed available.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Improper access controls on file storage enable local network attackers to write arbitrary files or malware, facilitating exploitation of remote services (T1210), potential privilege escalation via implanted payloads (T1068), and ingress tool transfer (T1105).