CVE-2025-55622
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-22
Last updated on: 2025-10-02
Assigner: MITRE
Description
Description
Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. NOTE: this is disputed by the Supplier because it is intentional behavior to ensure a predictable user experience.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| reolink | reolink | 4.54.0.4.20250526 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-491 | A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Reolink v4.54.0.4.20250526 is a task hijacking issue caused by inappropriate taskAffinity settings. This means that tasks within the application can be improperly associated or intercepted, potentially allowing unauthorized control or interference with the application's processes.
How can this vulnerability impact me? :
The task hijacking vulnerability could allow an attacker to interfere with or take control of certain tasks within the Reolink application, potentially leading to unauthorized actions or disruptions in the application's normal operation.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70