{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1879", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-03-03T12:25:15.547Z", "datePublished": "2025-03-03T19:31:04.880Z", "dateUpdated": "2025-03-04T15:13:54.562Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-03-03T19:31:04.880Z"}, "title": "i-Drive i11/i12 APK hard-coded credentials", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-798", "lang": "en", "description": "Hard-coded Credentials"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-259", "lang": "en", "description": "Use of Hard-coded Password"}]}], "affected": [{"vendor": "i-Drive", "product": "i11", "versions": [{"version": "20250227", "status": "affected"}], "modules": ["APK"]}, {"vendor": "i-Drive", "product": "i12", "versions": [{"version": "20250227", "status": "affected"}], "modules": ["APK"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."}, {"lang": "de", "value": "Eine problematische Schwachstelle wurde in i-Drive i11 and i12 bis 20250227 gefunden. Betroffen davon ist ein unbekannter Prozess der Komponente APK. Mittels dem Manipulieren mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2.4, "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "baseSeverity": "LOW"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 2.4, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 2.4, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "timeline": [{"time": "2025-03-03T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-03-03T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-03-03T13:30:41.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "geochen (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.298193", "name": "VDB-298193 | i-Drive i11/i12 APK hard-coded credentials", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.298193", "name": "VDB-298193 | CTI Indicators (IOB, IOC, TTP)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.510950", "name": "Submit #510950 | i-DRIVE Dashcam i11, i12 Plaintext Password in Configuration File", "tags": ["third-party-advisory"]}, {"url": "https://github.com/geo-chen/i-Drive", "tags": ["related"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-04T15:13:38.034499Z", "id": "CVE-2025-1879", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T15:13:54.562Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1879", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-04T15:13:38.034499Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T15:13:48.459Z"}}], "cna": {"title": "i-Drive i11/i12 APK hard-coded credentials", "credits": [{"lang": "en", "type": "reporter", "value": "geochen (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2.4, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 2.4, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 2.4, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "affected": [{"vendor": "i-Drive", "modules": ["APK"], "product": "i11", "versions": [{"status": "affected", "version": "20250227"}]}, {"vendor": "i-Drive", "modules": ["APK"], "product": "i12", "versions": [{"status": "affected", "version": "20250227"}]}], "timeline": [{"lang": "en", "time": "2025-03-03T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-03-03T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-03-03T13:30:41.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.298193", "name": "VDB-298193 | i-Drive i11/i12 APK hard-coded credentials", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.298193", "name": "VDB-298193 | CTI Indicators (IOB, IOC, TTP)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.510950", "name": "Submit #510950 | i-DRIVE Dashcam i11, i12 Plaintext Password in Configuration File", "tags": ["third-party-advisory"]}, {"url": "https://github.com/geo-chen/i-Drive", "tags": ["related"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."}, {"lang": "de", "value": "Eine problematische Schwachstelle wurde in i-Drive i11 and i12 bis 20250227 gefunden. Betroffen davon ist ein unbekannter Prozess der Komponente APK. Mittels dem Manipulieren mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "Hard-coded Credentials"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-259", "description": "Use of Hard-coded Password"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-03-03T19:31:04.880Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1879", "state": "PUBLISHED", "dateUpdated": "2025-03-04T15:13:54.562Z", "dateReserved": "2025-03-03T12:25:15.547Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-03-03T19:31:04.880Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."}], "id": "CVE-2025-1879", "lastModified": "2025-03-03T20:15:45.510", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-03-03T20:15:45.510", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/geo-chen/i-Drive"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.298193"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.298193"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.510950"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-259"}, {"lang": "en", "value": "CWE-798"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}