CVE-2025-41110
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-30

Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)

Description
Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full control of the robot, which could cause physical damage to the robot itself or its environment.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-30
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-41110
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ghostrobotics vision_60_firmware 0.27.2
ghostrobotics vision_60 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability (CVE-2025-41110) involves the Ghost Robotics Vision 60 APK containing encrypted Wi-Fi and SSH credentials. An attacker can use these credentials to connect to the robot's Wi-Fi network and access all its data because the robot runs ROS 2 without default authentication. Additionally, the attacker can connect via SSH to gain full control of the robot, which could lead to physical damage to the robot or its surroundings. [1]

Impact Analysis

If exploited, this vulnerability allows an attacker to connect to the robot's Wi-Fi and view all data transmitted by the robot. The attacker can also gain full control of the robot via SSH, potentially causing physical damage to the robot itself or its environment. [1]

Detection Guidance

Detection can involve scanning for the presence of the Ghost Robotics Vision 60 robot on your network, especially looking for devices running ROS 2 without authentication and open SSH services. Since the vulnerability involves encrypted Wi-Fi and SSH credentials in the APK, you can check for suspicious SSH connections or unauthorized Wi-Fi access points related to the robot. Commands such as 'nmap -p 22 <robot_ip>' can check for open SSH ports, and monitoring network traffic for unauthorized connections to the robot's Wi-Fi or ROS 2 communication can help detect exploitation attempts. However, no specific detection commands are provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include restricting network access to the robot by isolating it on a secure network segment, disabling unused physical interfaces, and monitoring for unauthorized connections. Since the robot runs ROS 2 without default authentication and the APK contains encrypted credentials that can be exploited, it is critical to limit exposure by controlling network access and SSH connectivity. No official patches or solutions are available at the time of disclosure, so applying network-level controls and monitoring is recommended. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-41110. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart