Search

Find a vulnerability

Search criteria

    1 vulnerability found for IR Control Hub by Panasonic Corporation

    JVNDB-2025-004863

    Vulnerability from jvndb - Published: 2025-05-14 11:30 - Updated:2025-05-14 11:30
    Summary
    Panasonic IR Control Hub vulnerable to Unauthorised firmware loading
    Details
    IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware. IR Control Hub provided by Panasonic verifies the hash value of the loading firmware when booting, but it keeps booting with the firmware even when it detects that the hash value does not match the expected value (CWE-354). Moreover, the product has a UART interface on the board and it is configured active (CWE-1299). When connected directly to this UART interface, the device can be controlled through this interface (CVE-2025-1073). Shravan Singh reported this vulnerability to the developer and coordinated. After the coordination was completed, Shravan Singh and the develpper reported the case to JPCERT/CC to notify users of the solution through JVN.
    References
    JVN https://jvn.jp/en/vu/JVNVU94857368/index.html
    CVE https://www.cve.org/CVERecord?id=CVE-2025-1073
    Missing Protection Mechanism for Alternate Hardware Interface(CWE-1299) https://cwe.mitre.org/data/definitions/1299.html
    Improper Validation of Integrity Check Value(CWE-354) https://cwe.mitre.org/data/definitions/354.html
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-004863.html",
      "dc:date": "2025-05-14T11:30+09:00",
      "dcterms:issued": "2025-05-14T11:30+09:00",
      "dcterms:modified": "2025-05-14T11:30+09:00",
      "description": "IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware.\r\n\r\nIR Control Hub provided by Panasonic verifies the hash value of the loading firmware when booting, but it keeps booting with the firmware even when it detects that the hash value does not match the expected value (CWE-354).\r\nMoreover, the product has a UART interface on the board and it is configured active (CWE-1299).\r\nWhen connected directly to this UART interface, the device can be controlled through this interface (CVE-2025-1073).\r\n\r\nShravan Singh reported this vulnerability to the developer and coordinated. After the coordination was completed, Shravan Singh and the develpper reported the case to JPCERT/CC to notify users of the solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-004863.html",
      "sec:cpe": {
        "#text": "cpe:/o:panasonic:ir_control_hub",
        "@product": "IR Control Hub",
        "@vendor": "Panasonic Corporation",
        "@version": "2.2"
      },
      "sec:identifier": "JVNDB-2025-004863",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU94857368/index.html",
          "@id": "JVNVU#94857368",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-1073",
          "@id": "CVE-2025-1073",
          "@source": "CVE"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/1299.html",
          "@id": "CWE-1299",
          "@title": "Missing Protection Mechanism for Alternate Hardware Interface(CWE-1299)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/354.html",
          "@id": "CWE-354",
          "@title": "Improper Validation of Integrity Check Value(CWE-354)"
        }
      ],
      "title": "Panasonic IR Control Hub vulnerable to Unauthorised firmware loading"
    }