CVE-2025-52492
Status: Awaiting Analysis (Queue)
BaseFortify

Publication date: 2025-07-07

Last updated on: 2025-07-08

Assigner: MITRE

Description
A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The firmware file, rootfs.tar.gz, contains hard-coded credentials for the Twilio API. A remote attacker who obtains a copy of the firmware can extract these credentials. This could allow the attacker to gain unauthorized access to the associated Twilio account, leading to information disclosure, potential service disruption, and unauthorized use of the Twilio services.
Meta Information
Published: 2025-07-07
Last Modified: 2025-07-08
Generated: 2026-05-07
AI Q&A: 2025-07-07
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products
Currently, no data is known.
CWE
CWE-798: The product contains hard-coded credentials, such as a password or cryptographic key.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the firmware of Paxton Paxton10 devices before version 4.6 SR6. The firmware file rootfs.tar.gz contains hard-coded Twilio API credentials (Account SID and Auth Token). An attacker who obtains this firmware can extract these credentials and gain unauthorized access to the associated Twilio account. [1]


How can this vulnerability impact me?

If exploited, the attacker could cause information disclosure, disrupt services, and misuse Twilio services by accessing the compromised Twilio account without authorization. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by obtaining and inspecting the firmware file rootfs.tar.gz from Paxton Paxton10 devices prior to version 4.6 SR6. By extracting this firmware file, you can search for hard-coded Twilio API credentials such as the Twilio Account SID and Auth Token. Commands to detect this include downloading the firmware, extracting it, and searching for credential patterns. For example:

1. Download the firmware file (method depends on your device setup).
2. Extract the firmware:
   tar -xzf rootfs.tar.gz
3. Search for Twilio credentials (Twilio Account SIDs typically start with 'AC'):
   grep -r 'AC' ./
   grep -r 'auth_token' ./

If such credentials are found hard-coded in the firmware, the device is vulnerable. [1]
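The detection procedure above (extract the firmware tarball, then search it for Twilio credential patterns), as an added example that is not part of the BaseFortify page or of Paxton's own tooling: a Python scanner that reads a rootfs.tar.gz in memory, flags strings in Twilio's documented Account SID format (34 characters, "AC" followed by 32 hex digits) and 32-hex-digit values that sit next to an auth_token-style key, and redacts what it reports so the findings themselves do not leak the secret. The sample archive, its file names and the credential values inside it are constructed fixtures, not real firmware content; the function and variable names are this example's own.

```python
import io
import re
import tarfile

# Twilio Account SIDs are 34 characters: "AC" followed by 32 lowercase hex digits.
SID_RE = re.compile(rb"\bAC[0-9a-f]{32}\b")
# Auth tokens are 32 hex digits. Matching bare 32-hex strings would flood the
# report with MD5 hashes, so only flag them when a nearby key names them.
TOKEN_RE = re.compile(
    rb"(auth[_-]?token|twilio[_-]?token)\W{0,3}['\"]?([0-9a-f]{32})\b",
    re.IGNORECASE,
)


def redact(value: bytes) -> str:
    """Keep just enough of a matched secret to recognise it in a report."""
    text = value.decode("ascii", "replace")
    return text[:6] + "..." + text[-4:]


def scan_firmware_tarball(data: bytes, max_member_bytes: int = 8 * 1024 * 1024) -> list:
    """Scan every regular file inside a .tar.gz image without writing it to disk.

    Returns a list of {"member", "kind", "value"} findings; "value" is redacted.
    """
    findings = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        for member in tar:
            # Skip directories, symlinks, device nodes and oversized members.
            if not member.isfile() or member.size > max_member_bytes:
                continue
            fh = tar.extractfile(member)
            if fh is None:
                continue
            blob = fh.read()  # raw bytes: binaries and text files are scanned alike
            for m in SID_RE.finditer(blob):
                findings.append({"member": member.name, "kind": "account_sid",
                                 "value": redact(m.group(0))})
            for m in TOKEN_RE.finditer(blob):
                findings.append({"member": member.name, "kind": "auth_token",
                                 "value": redact(m.group(2))})
    return findings


def build_sample_tarball() -> bytes:
    """Constructed fixture standing in for rootfs.tar.gz; the SID and token are fake."""
    files = {
        "etc/app/config.ini": (
            b"[twilio]\n"
            b"account_sid = ACdeadbeefdeadbeefdeadbeefdeadbeef\n"
            b"auth_token = 0123456789abcdef0123456789abcdef\n"
        ),
        # A binary with an embedded SID, to show the scan is not limited to text files.
        "usr/bin/notify": b"\x7fELF\x01\x01\x01\x00 blob ACcafebabecafebabecafebabecafebabe\x00",
        "etc/hostname": b"paxton10\n",  # clean file: must produce no finding
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


if __name__ == "__main__":
    # Replace build_sample_tarball() with open("rootfs.tar.gz", "rb").read() for a real image.
    for f in scan_firmware_tarball(build_sample_tarball()):
        print(f"{f['kind']:12} {f['member']:24} {f['value']}")
```

A hit on the Account SID pattern alone is enough to treat the image as affected; the auth token check is deliberately narrower so that ordinary hashes in the filesystem are not reported as secrets. Any credential the scan does surface should be rotated on the Twilio side regardless of whether the firmware has already been upgraded, since copies of the old image remain valid sources for it.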


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading the Paxton Paxton10 device firmware to version 4.6 SR6 or later, where this vulnerability is fixed. Additionally, if you have access to the Twilio account associated with the hard-coded credentials, you should rotate the Twilio Account SID and Auth Token to prevent unauthorized access. Monitoring for any suspicious activity on the Twilio account and restricting firmware downloads to trusted sources can also help reduce risk. [1]

