CVE-2025-63674
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-24

Last updated on: 2025-12-30

Assigner: MITRE

Description
An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-24
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-11-25
EPSS Evaluated
2026-06-14
NVD
CVE-2025-63674
EUVD
EUVD-2025-199013
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
blurams a31c_firmware 23.1227.472.2926
blurams a31c *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows a local physical attacker to execute arbitrary code by overriding the bootloader on the device's SD card.

Impact Analysis

An attacker with physical access can exploit this vulnerability to run arbitrary code on the device, potentially compromising the security and integrity of the camera and any data it handles.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-63674. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart