CVE-2025-65829
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-10

Last updated on: 2025-12-30

Assigner: MITRE

Description
The ESP32 system on a chip (SoC) that powers the Meatmeet basestation device was found to lack Secure Boot. The Secure Boot feature ensures that only authenticated software can execute on the device. The Secure Boot process forms a chain of trust by verifying all mutable software entities involved in the Application Startup Flow. As a result, an attacker with physical access to the device can flash modified firmware to the device, resulting in the execution of malicious code upon startup.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-10
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-10
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65829
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
meatmeet meatmeet_pro_wifi_\&_bluetooth_meat_thermometer_firmware 1.0.34.4
meatmeet meatmeet_pro_wifi_\&_bluetooth_meat_thermometer *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists because the ESP32 system on a chip (SoC) used in the Meatmeet basestation device lacks Secure Boot. Secure Boot is a security feature that ensures only authenticated software can run on the device by verifying all software components during startup. Without Secure Boot, an attacker with physical access can flash modified firmware onto the device, causing it to execute malicious code when it starts up.

Impact Analysis

The vulnerability allows an attacker with physical access to the Meatmeet basestation device to install and run malicious firmware. This can lead to unauthorized control of the device, potential data breaches, disruption of device functionality, and compromise of any systems or networks connected to the device.

Mitigation Strategies

To mitigate this vulnerability, enable Secure Boot on the ESP32 system to ensure that only authenticated software can execute on the device. This prevents attackers with physical access from flashing modified firmware and executing malicious code upon startup.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65829. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart