CVE-2025-61976
BaseFortify
Publication date: 2025-12-16
Last updated on: 2025-12-23
Assigner: JPCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| inaba | ib-mct001_firmware | * |
| inaba | ib-mct001 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-61976 is a vulnerability in the CHOCO TEI WATCHER mini (IB-MCT001) where a remote attacker can send specially crafted requests to the Video Download interface. This causes the system to become unresponsive due to improper checking for unusual or exceptional conditions in the device's software. [1, 2]
How can this vulnerability impact me? :
This vulnerability can cause the CHOCO TEI WATCHER mini device to become unresponsive when a remote attacker sends malicious requests to the Video Download interface. This denial of service can disrupt normal operations and availability of the device, potentially impacting any systems or processes relying on it. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting the device's use to within a trusted LAN environment and limiting access from untrusted networks or hosts. When connecting the device to the internet, employ firewalls or Virtual Private Networks (VPNs) to prevent unauthorized access and minimize the scope of such connections. Users should refer to the product manual for detailed configuration changes. [1, 2]