CVE-2025-65885
Startup Script Injection in Delight CFW for Nokia Symbian Devices
Publication date: 2025-12-26
Last updated on: 2025-12-26
Assigner: MITRE
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nokia | delight_custom_firmware | 1.8 |
| nokia | delight_custom_firmware | 6.7 |
| nokia | delight_custom_firmware | 1.0 |
| nokia | delight_custom_firmware | 1.1 |
| nokia | delight_custom_firmware | 1.3 |
| nokia | delight_custom_firmware | 1.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Delight Custom Firmware for various Nokia Symbian Belle devices. It allows local attackers to inject startup scripts by placing specially crafted .txt files in the :\Data directory, which can lead to unauthorized code execution during device startup.
How can this vulnerability impact me?
The vulnerability can allow a local attacker to execute arbitrary code on the affected device by injecting startup scripts. This could lead to unauthorized actions, compromise of device integrity, data theft, or further exploitation of the device.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of a specially crafted plaintext file named 'Delight.txt' in the E:\Data\ directory on affected devices. A simple test involves creating a Delight.txt file with the content `note "Hello World!"` in E:\Data\ and rebooting the device to see if a 'Hello World!' alert appears on every boot, indicating the vulnerability is active. Since the attack vector is local filesystem write access, scanning the E:\Data\ directory for the Delight.txt file is a direct detection method. Specific commands are not provided, but users should inspect the E:\Data\ directory contents for this file. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include deleting the E:\Data\Delight.txt file if it exists and avoiding the installation of applications that create this file. Since the developer has refused to release an update to fix the issue permanently, users must manually remove the file and prevent its creation to avoid exploitation. A permanent fix would require updating Delight CFW to restrict reading Delight.txt only from the Z: drive, but this is not currently available. [2]
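The check and cleanup described in the two answers above, as an added example that is not part of the original advisory or of Delight CFW: a Python script run on a PC against the phone's E: volume mounted in mass-storage mode. The mount path, the case-insensitive name matching, the function names, and the copy-before-delete step are assumptions of this example.

```python
import hashlib
import shutil
import sys
import tempfile
from pathlib import Path

# File named in the advisory (E:\Data\Delight.txt), lowercased for comparison.
# Assumption: E: is a FAT volume, so the phone treats names case-insensitively.
TARGET_DIR, TARGET_FILE = "data", "delight.txt"


def find_startup_scripts(card_root):
    """Return every <root>/Data/Delight.txt, matching names case-insensitively."""
    hits = []
    for d in Path(card_root).iterdir():
        if d.is_dir() and d.name.lower() == TARGET_DIR:
            hits += [f for f in d.iterdir()
                     if f.is_file() and f.name.lower() == TARGET_FILE]
    return sorted(hits)


def describe(path):
    """Summarise a hit for the record: size, SHA-256 and the script lines."""
    raw = path.read_bytes()
    return {"path": str(path), "size": len(raw), "sha256": hashlib.sha256(raw).hexdigest(),
            "lines": raw.decode("utf-8", "replace").splitlines()}


def remove_with_backup(path, evidence_dir):
    """Copy the file off the card for review, then delete it from the card."""
    saved = Path(evidence_dir) / f"Delight-{hashlib.sha256(path.read_bytes()).hexdigest()[:16]}.txt"
    saved.parent.mkdir(parents=True, exist_ok=True)
    shutil.copy2(path, saved)
    path.unlink()
    return saved


if __name__ == "__main__":
    if len(sys.argv) > 1:  # usage: script.py <card root> [evidence dir]
        root = Path(sys.argv[1])
    else:  # no argument: build a constructed sample card in a temp directory
        root = Path(tempfile.mkdtemp())
        (root / "DATA").mkdir()
        (root / "DATA" / "delight.TXT").write_bytes(b'note "Hello World!"\r\n')
    for hit in find_startup_scripts(root):
        info = describe(hit)
        print(f"FOUND {info['path']} sha256={info['sha256']} lines={info['lines']}")
        if len(sys.argv) > 2:
            print("   removed; copy kept at", remove_with_backup(hit, sys.argv[2]))
```

Because any application with write access can recreate the file, the scan is worth repeating after each new installation.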
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows arbitrary code execution and system state modification without user consent, which could lead to unauthorized access and manipulation of personal data stored on the device. Such unauthorized access and potential data breaches could violate data protection regulations like GDPR and HIPAA that require safeguarding personal and sensitive information. The lack of validation and authentication in executing startup scripts from a user-writable directory increases the risk of data compromise, thereby negatively impacting compliance with these standards. [2]