CVE-2025-11545
Unauthorized Access Vulnerability in Sharp Display Solutions Projectors
Publication date: 2025-12-22
Last updated on: 2025-12-22
Assigner: NEC Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sharp | display_solutions | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Sharp Display Solutions projectors allows an attacker to gain unauthorized access to the projector's HTTP server and execute arbitrary actions. It affects multiple NP-series projector models and involves exposure of sensitive system information to an unauthorized control sphere. [1]
How can this vulnerability impact me? :
The vulnerability can allow attackers to improperly access the projector's HTTP server and perform arbitrary actions, potentially leading to unauthorized control over the device. This could disrupt projector functionality, compromise sensitive information, or be used as a foothold for further attacks within a network. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, Sharp recommends applying a firmware update available by contacting Sharp. Alternatively, use the affected projectors exclusively within a secure intranet protected by a firewall and avoid any direct Internet connection to prevent unauthorized external access. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.