CVE-2025-34500
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-24

Last updated on: 2025-10-27

Assigner: VulnCheck

Description
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's USB update port - can craft or modify firmware packages to execute arbitrary code as root, allowing persistent compromise of the device's integrity and deck randomization process. Physical or on-premises access remains the most likely attack path, though network-exposed or telemetry-enabled deployments could theoretically allow remote exploitation if misconfigured. The vendor confirmed that firmware updates have been issued to correct these update-chain weaknesses and that USB update access has been disabled on affected units.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-24
Last Modified
2025-10-27
Generated
2026-05-06
AI Q&A
2025-10-25
EPSS Evaluated
2026-05-05
NVD
CVE-2025-34500
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
light_and_wonder deck_mate_1 *
light_and_wonder deck_mate_2 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
CWE-321 The product uses a hard-coded, unchangeable cryptographic key.
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Deck Mate 2's firmware update mechanism allows attackers with access to the update interface (usually via the USB update port) to craft or modify firmware packages without proper cryptographic signature verification. The firmware updates are encrypted with a single hard-coded AES key shared across devices and use a truncated HMAC for integrity validation, which is insufficient. This enables attackers to execute arbitrary code as root, leading to persistent compromise of the device's integrity and its deck randomization process.


How can this vulnerability impact me? :

If exploited, this vulnerability can allow an attacker to gain root-level code execution on the device, resulting in persistent compromise. This means the attacker can alter the device's firmware and behavior, potentially undermining the device's integrity and the randomness of its deck randomization process. Physical or on-premises access is the most likely attack vector, but remote exploitation could be possible if the device is misconfigured to expose network or telemetry interfaces.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include applying the vendor-issued firmware updates that correct the update-chain weaknesses and disabling USB update access on affected units to prevent unauthorized firmware modifications.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart