CVE-2025-41100
BaseFortify
Publication date: 2025-07-21
Last updated on: 2025-07-22
Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| parkingdoor | parkingdoor | 2016.08.11.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1284 | The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-41100 is an incorrect authentication vulnerability in the ParkingDoor system, which manages garage door openings. It allows an attacker to operate the device without proper authentication, meaning they can control the garage door even if they do not have valid access permissions or if those permissions have been revoked. Additionally, these unauthorized operations are not logged in the application, making it difficult to detect unauthorized access. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing unauthorized individuals to operate your garage door without your knowledge or permission. Since the unauthorized access is not logged, it can lead to security breaches, unauthorized physical access to your property, and potential theft or damage. The inability to track these unauthorized operations complicates incident response and accountability. [1]
What immediate steps should I take to mitigate this vulnerability?
No solution or mitigation has been reported at this time. [1]