CVE-2025-8762
BaseFortify
Publication date: 2025-08-13
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| instar | 4k | 3.11.1 |
| instar | 2k+ | 3.11.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1263 | The product is designed with access restricted to certain information, but it does not sufficiently protect against an unauthorized actor with physical access to these areas. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the UART Interface component of INSTAR 2K+ and 4K 3.11.1 Build 1124 devices. It involves improper physical access control, meaning an attacker with physical access to the device can exploit this issue to potentially manipulate the device. The vulnerability has been publicly disclosed and can be exploited on the physical device.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized physical access to the device, which may allow an attacker to compromise the device's confidentiality, integrity, and availability. This could result in sensitive data exposure, device malfunction, or unauthorized control over the device.