{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7577", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-07-13T07:47:18.972Z", "datePublished": "2025-07-14T05:44:05.263Z", "dateUpdated": "2025-07-14T13:15:20.684Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-07-14T05:44:05.263Z"}, "title": "Teledyne FLIR FB-Series O/FLIR FH-Series ID hard-coded password", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-259", "lang": "en", "description": "Use of Hard-coded Password"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-255", "lang": "en", "description": "Credentials Management"}]}], "affected": [{"vendor": "Teledyne", "product": "FLIR FB-Series O", "versions": [{"version": "1.3.2.16", "status": "affected"}]}, {"vendor": "Teledyne", "product": "FLIR FH-Series ID", "versions": [{"version": "1.3.2.16", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion. Durch die Manipulation mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-07-13T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-07-13T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-07-13T09:52:53.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "waiwai24 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.316275", "name": "VDB-316275 | Teledyne FLIR FB-Series O/FLIR FH-Series ID hard-coded password", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.316275", "name": "VDB-316275 | CTI Indicators (IOB, IOC, TTP)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.609550", "name": "Submit #609550 | FLIR FLIR FB-Series O FLIR FB-Series O and ID Firmware, Version 1.3.2.16 Use of Hard-coded Password", "tags": ["third-party-advisory"]}, {"url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Root_User_with_Hardcoded_Weak_Password.md", "tags": ["related"]}, {"url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Root_User_with_Hardcoded_Weak_Password.md#poc", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-14T13:13:58.081682Z", "id": "CVE-2025-7577", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-14T13:15:20.684Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7577", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-14T13:13:58.081682Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-14T13:14:56.376Z"}}], "cna": {"title": "Teledyne FLIR FB-Series O/FLIR FH-Series ID hard-coded password", "credits": [{"lang": "en", "type": "reporter", "value": "waiwai24 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Teledyne", "product": "FLIR FB-Series O", "versions": [{"status": "affected", "version": "1.3.2.16"}]}, {"vendor": "Teledyne", "product": "FLIR FH-Series ID", "versions": [{"status": "affected", "version": "1.3.2.16"}]}], "timeline": [{"lang": "en", "time": "2025-07-13T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-07-13T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-07-13T09:52:53.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.316275", "name": "VDB-316275 | Teledyne FLIR FB-Series O/FLIR FH-Series ID hard-coded password", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.316275", "name": "VDB-316275 | CTI Indicators (IOB, IOC, TTP)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.609550", "name": "Submit #609550 | FLIR FLIR FB-Series O FLIR FB-Series O and ID Firmware, Version 1.3.2.16 Use of Hard-coded Password", "tags": ["third-party-advisory"]}, {"url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Root_User_with_Hardcoded_Weak_Password.md", "tags": ["related"]}, {"url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Root_User_with_Hardcoded_Weak_Password.md#poc", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion. Durch die Manipulation mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-259", "description": "Use of Hard-coded Password"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-255", "description": "Credentials Management"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-07-14T05:44:05.263Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7577", "state": "PUBLISHED", "dateUpdated": "2025-07-14T13:15:20.684Z", "dateReserved": "2025-07-13T07:47:18.972Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-07-14T05:44:05.263Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Teledyne FLIR FB-Series O y FLIR FH-Series ID 1.3.2.16. Se ha clasificado como problem\u00e1tica. Afecta a una parte desconocida. La manipulaci\u00f3n implica el uso de una contrase\u00f1a predefinida. El ataque puede ejecutarse en remoto. Es un ataque de complejidad bastante alta. Se considera que su explotaci\u00f3n es dif\u00edcil. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3."}], "id": "CVE-2025-7577", "lastModified": "2025-07-15T13:14:24.053", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-14T06:15:28.917", "references": [{"source": "[email protected]", "url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Root_User_with_Hardcoded_Weak_Password.md"}, {"source": "[email protected]", "url": "https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Root_User_with_Hardcoded_Weak_Password.md#poc"}, {"source": "[email protected]", "url": "https://vuldb.com/?ctiid.316275"}, {"source": "[email protected]", "url": "https://vuldb.com/?id.316275"}, {"source": "[email protected]", "url": "https://vuldb.com/?submit.609550"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}, {"lang": "en", "value": "CWE-259"}], "source": "[email protected]", "type": "Primary"}]}

{}