CVE-2025-61081_CVE-2025-61081

7.5 / 10

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

Description

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.

Basic Information

ID CVE-2025-61081

Source mitre

Published May 19, 2026 at 00:00

Modified May 19, 2026 at 18:13

Affected Product

Vendor n/a

Product n/a

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-307

References

{
    "lastseen": "",
    "description": "In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.",
    "published": "2026-05-19T00:00:00.000Z",
    "modified": "2026-05-19T18:13:43.105Z",
    "type": "cve",
    "title": "CVE-2025-61081",
    "source": "mitre",
    "references": "https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link\nhttps://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637",
    "id": "CVE-2025-61081",
    "bulletinFamily": "",
    "cwe": [
        "CWE-307"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n/a",
    "version": "n/a",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}