CVE-2025-61081

Sažetak

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.

Reference

https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637
https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637

CVSS

Base:	7.5
Impact:	6.0
Exploitability:	0.9

Pristup

Vektor	Složenost	Autentikacija
PHYSICAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

Zadnje važnije ažuriranje

19-05-2026 - 21:05

Objavljeno

19-05-2026 - 18:16