Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of a properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-26078.
References
Link | Resource |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-25-351/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
08 Jul 2025, 14:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.zerodayinitiative.com/advisories/ZDI-25-351/ - Third Party Advisory | |
CPE | cpe:2.3:o:pioneer:dmh-wt7600nex_firmware:3.05:*:*:*:*:*:*:* cpe:2.3:h:pioneer:dmh-wt7600nex:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Pioneer
Pioneer dmh-wt7600nex Pioneer dmh-wt7600nex Firmware |
26 Jun 2025, 18:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Jun 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-25 18:15
Updated : 2025-07-08 14:51
NVD link : CVE-2025-5834
Mitre link : CVE-2025-5834
CVE.ORG link : CVE-2025-5834
JSON object : View
Products Affected
pioneer
- dmh-wt7600nex_firmware
- dmh-wt7600nex
CWE
CWE-1326
Missing Immutable Root of Trust in Hardware