CVE-2025-56448_CVE-2025-56448

6.8 / 10

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Positron PX360BT SW REV 8 car alarm system is vulnerable to a replay attack due to a failure in implementing rolling code security. The alarm system does not properly rotate or invalidate used codes, allowing repeated reuse of captured transmissions. This exposes users to significant security risks, including vehicle theft and loss of trust in the alarm's anti-cloning claims.

Basic Information

ID CVE-2025-56448

Source mitre

Published Sep 15, 2025 at 00:00

Modified Sep 15, 2025 at 20:38

Affected Product

Vendor n/a

Product n/a

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-294

References

{
    "lastseen": "",
    "description": "The Positron PX360BT SW REV 8 car alarm system is vulnerable to a replay attack due to a failure in implementing rolling code security. The alarm system does not properly rotate or invalidate used codes, allowing repeated reuse of captured transmissions. This exposes users to significant security risks, including vehicle theft and loss of trust in the alarm's anti-cloning claims.",
    "published": "2025-09-15T00:00:00.000Z",
    "modified": "2025-09-15T20:38:00.539Z",
    "type": "cve",
    "title": "CVE-2025-56448",
    "source": "mitre",
    "references": "https://positron.com.br/blog/positron-lanca-alarme-px360bt-starter/\nhttps://medium.com/@wagneralves_87750/cve-2025-56448-replay-attack-vulnerability-in-positron-px360bt-car-alarm-system-c9f1ccea6ebe",
    "id": "CVE-2025-56448",
    "bulletinFamily": "",
    "cwe": [
        "CWE-294"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 6.8,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n/a",
    "version": "n/a",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}