SB2025052330 - Improper validation of integrity check value in Panasonic IR Control Hub
Published: May 23, 2025
Security Bulletin ID
SB2025052330
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Physical access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper validation of integrity check value (CVE-ID: CVE-2025-1073)
CWE-ID: CWE-354 - Improper Validation of Integrity Check Value
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to improper validation of integrity check value. An attacker with physical access can load unauthorized firmware.
Remediation
Install update from vendor's website.