CVE-2025-41110
BaseFortify
Publication date: 2025-10-22
Last updated on: 2025-10-30
Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ghostrobotics | vision_60_firmware | 0.27.2 |
| ghostrobotics | vision_60 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability (CVE-2025-41110) involves the Ghost Robotics Vision 60 APK containing encrypted Wi-Fi and SSH credentials. An attacker can use these credentials to connect to the robot's Wi-Fi network and access all its data because the robot runs ROS 2 without default authentication. Additionally, the attacker can connect via SSH to gain full control of the robot, which could lead to physical damage to the robot or its surroundings. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker to connect to the robot's Wi-Fi and view all data transmitted by the robot. The attacker can also gain full control of the robot via SSH, potentially causing physical damage to the robot itself or its environment. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve scanning for the presence of the Ghost Robotics Vision 60 robot on your network, especially looking for devices running ROS 2 without authentication and open SSH services. Since the vulnerability involves encrypted Wi-Fi and SSH credentials in the APK, you can check for suspicious SSH connections or unauthorized Wi-Fi access points related to the robot. Commands such as 'nmap -p 22 <robot_ip>' can check for open SSH ports, and monitoring network traffic for unauthorized connections to the robot's Wi-Fi or ROS 2 communication can help detect exploitation attempts. However, no specific detection commands are provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the robot by isolating it on a secure network segment, disabling unused physical interfaces, and monitoring for unauthorized connections. Since the robot runs ROS 2 without default authentication and the APK contains encrypted credentials that can be exploited, it is critical to limit exposure by controlling network access and SSH connectivity. No official patches or solutions are available at the time of disclosure, so applying network-level controls and monitoring is recommended. [1]