CVE-2025-8699
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-12

Last updated on: 2025-11-03

Assigner: SEC Consult Vulnerability Lab

Description
Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers could potentially use this vulnerability to change the balance on the cards and generate money. The account balance is stored on an insecure MiFare Classic NFC card and can be read and written back.Β By carefully observing changes in card dumps, one can identify fields that store the cash value of the card. Additionally, a checksum can be identified, which is created by XOR-ing the cash and an unknown field with a certain value. By updating the fields accordingly, arbitrary amounts of money can be loaded onto the card (up to $655,35) to pay for goods.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-12
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-09-12
EPSS Evaluated
2026-06-14
NVD
CVE-2025-8699
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
kiosoft stored_value_unattended_payment_solution *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-922 The product stores sensitive information without properly limiting read or write access by unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects KioSoft's Stored Value Unattended Payment Solutions that use MiFare Classic NFC cards to store account balances. The balance is stored insecurely on the card and can be read and modified by attackers. By analyzing the card data and the checksum mechanism, attackers can alter the stored balance to arbitrary amounts (up to $65,535), effectively allowing them to generate money on the card.

Impact Analysis

If you use KioSoft's Stored Value Unattended Payment Solutions with vulnerable NFC cards, an attacker could manipulate the card balance to add unauthorized funds. This could lead to financial loss for merchants or service providers accepting these cards, as attackers can pay for goods or services without legitimate funds.

Detection Guidance

This vulnerability can be detected by reading and analyzing the data stored on the MiFare Classic NFC cards used by the payment solution. By dumping the card data and observing changes, one can identify the fields storing the cash value and the checksum field created by XOR operations. Specific commands to read MiFare Classic NFC cards include using NFC tools such as 'nfc-mfclassic' or 'mfoc' to dump the card data for analysis.

Mitigation Strategies

Immediate mitigation steps include discontinuing the use of insecure MiFare Classic NFC cards for storing account balances, as they can be read and written to by attackers. Transitioning to more secure NFC card technologies with proper encryption and authentication mechanisms is recommended to prevent unauthorized balance modification.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-8699. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart