CVE-2025-46414 Information
Aug 09, 2025
cve
Description
The affected product does not limit the number of attempts for inputting the correct PIN for a registered product which may allow an attacker to gain unauthorized access using brute-force methods if they possess a valid device serial number. The API provides clear feedback when the correct PIN is entered. This vulnerability was patched in a server-side update on April 6 2025.
Reference
https://eg4electronics.com/contact/ https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-07
Related CNNVD
CNNVD-202508-756 (Published: 2025-08-08)
Share on: