jvndb-2025-004863
Vulnerability from jvndb
Published
2025-05-14 11:30
Modified
2025-05-14 11:30
Summary
Panasonic IR Control Hub vulnerable to Unauthorised firmware loading
Details
IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware.
IR Control Hub provided by Panasonic verifies the hash value of the loading firmware when booting, but it keeps booting with the firmware even when it detects that the hash value does not match the expected value (CWE-354).
Moreover, the product has a UART interface on the board and it is configured active (CWE-1299).
When connected directly to this UART interface, the device can be controlled through this interface (CVE-2025-1073).
Shravan Singh reported this vulnerability to the developer and coordinated. After the coordination was completed, Shravan Singh and the develpper reported the case to JPCERT/CC to notify users of the solution through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/vu/JVNVU94857368/index.html | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2025-1073 | |
| Missing Protection Mechanism for Alternate Hardware Interface(CWE-1299) | https://cwe.mitre.org/data/definitions/1299.html | |
| Improper Validation of Integrity Check Value(CWE-354) | https://cwe.mitre.org/data/definitions/354.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Panasonic Corporation | IR Control Hub |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-004863.html",
"dc:date": "2025-05-14T11:30+09:00",
"dcterms:issued": "2025-05-14T11:30+09:00",
"dcterms:modified": "2025-05-14T11:30+09:00",
"description": "IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware.\r\n\r\nIR Control Hub provided by Panasonic verifies the hash value of the loading firmware when booting, but it keeps booting with the firmware even when it detects that the hash value does not match the expected value (CWE-354).\r\nMoreover, the product has a UART interface on the board and it is configured active (CWE-1299).\r\nWhen connected directly to this UART interface, the device can be controlled through this interface (CVE-2025-1073).\r\n\r\nShravan Singh reported this vulnerability to the developer and coordinated. After the coordination was completed, Shravan Singh and the develpper reported the case to JPCERT/CC to notify users of the solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-004863.html",
"sec:cpe": {
"#text": "cpe:/o:panasonic:ir_control_hub",
"@product": "IR Control Hub",
"@vendor": "Panasonic Corporation",
"@version": "2.2"
},
"sec:identifier": "JVNDB-2025-004863",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU94857368/index.html",
"@id": "JVNVU#94857368",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-1073",
"@id": "CVE-2025-1073",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/1299.html",
"@id": "CWE-1299",
"@title": "Missing Protection Mechanism for Alternate Hardware Interface(CWE-1299)"
},
{
"#text": "https://cwe.mitre.org/data/definitions/354.html",
"@id": "CWE-354",
"@title": "Improper Validation of Integrity Check Value(CWE-354)"
}
],
"title": "Panasonic IR Control Hub vulnerable to Unauthorised firmware loading"
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.