CVE-2025-34501
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-03

Last updated on: 2025-11-04

Assigner: VulnCheck

Description
Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user interface, while multiple management services (SSH, HTTP, Telnet, SMB, X11) are enabled by default. If an attacker can reach these interfaces - most often through local or near-local access such as connecting to the USB or Ethernet ports beneath the table - the built-in credentials permit administrative login and full control of the system. Once authenticated, an attacker can access firmware utilities, modify controller software, and establish persistent compromise. Remote attack paths via network, cellular, or telemetry links may exist in specific configurations but generally require additional capabilities or operator error. The vendor reports that USB access has been disabled in current firmware builds.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-03
Last Modified
2025-11-04
Generated
2026-06-16
AI Q&A
2025-11-03
EPSS Evaluated
2026-06-15
NVD
CVE-2025-34501
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
shufflemaster deck_mate_1 *
shufflemaster deck_mate_2 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves Deck Mate 2 devices that come with static, hard-coded credentials for both the root shell and the web user interface. Multiple management services such as SSH, HTTP, Telnet, SMB, and X11 are enabled by default. An attacker who can access these interfaces, typically through local or near-local access like USB or Ethernet ports under the table, can use these built-in credentials to log in with administrative privileges and gain full control of the system. Once logged in, the attacker can access firmware utilities, modify controller software, and maintain persistent control over the device. Although remote attacks via network, cellular, or telemetry links might be possible in some configurations, they generally require additional capabilities or operator mistakes. The vendor has disabled USB access in current firmware versions to mitigate some attack vectors.

Impact Analysis

If exploited, this vulnerability allows an attacker to gain full administrative control over the Deck Mate 2 device. This means the attacker can modify firmware, change controller software, and maintain persistent access, potentially disrupting device functionality, compromising data integrity, or using the device as a foothold for further attacks within the network. The risk is higher if an attacker can physically or near-physically access the device's USB or Ethernet ports.

Detection Guidance

Detection can involve checking for active management services such as SSH, HTTP, Telnet, SMB, and X11 running on the device, especially if it is a Deck Mate 2 system. You can scan the device's open ports using commands like 'nmap' to identify these services. For example, running 'nmap -p 22,80,23,445,6000 <device_ip>' can help detect if these services are accessible. Additionally, attempting to log in using the known hard-coded credentials on these services can confirm vulnerability presence. Physical inspection for enabled USB or Ethernet ports beneath the table may also help identify potential local access points.

Mitigation Strategies

Immediate mitigation steps include disabling or restricting access to the management services (SSH, HTTP, Telnet, SMB, X11) on the affected device. Physically securing or disabling USB and Ethernet ports to prevent local or near-local access is also critical. Updating the device firmware to the latest version that disables USB access, as reported by the vendor, is recommended. Changing or removing the hard-coded credentials, if possible, and limiting network access to trusted users can further reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34501. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart