CVE-2025-65552
BaseFortify
Publication date: 2026-01-12
Last updated on: 2026-02-03
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | d3d_wifi_home_security_system | 2.1.1 |
| d3dsecurity | zx-g12_firmware | 2.1.17 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-294 | A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes). |
AI Powered Q&A
Can you explain this vulnerability to me?
The D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on its 433 MHz sensor communication channel. Because the system lacks rolling codes, message authentication, and anti-replay protection, an attacker within RF range can record valid alarm or control signals and replay them to trigger false alarms.
How can this vulnerability impact me?
This vulnerability can allow an attacker to trigger false alarms by replaying recorded valid signals. This could lead to unnecessary emergency responses, reduced trust in the security system, and potential security breaches if attackers exploit the system to mask real intrusions.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should limit the RF range exposure of the D3D Wi-Fi Home Security System ZX-G12 by physically securing the device and its sensors to reduce attacker proximity. Additionally, consider monitoring for unusual alarm triggers that may indicate replay attacks. Since the system lacks rolling codes and anti-replay protection, upgrading to a system version or model that implements these security features is recommended once available.
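The missing controls named above (a rolling counter, message authentication, and anti-replay checking) can be seen side by side in the following added example, which is not D3D firmware or code from this advisory. The frame layout, tag length, key and sensor ID are assumptions chosen for illustration; the receiver accepts a frame only if its HMAC verifies and its counter is strictly higher than the last one seen from that sensor.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct(">IIB")  # sensor id, counter, event code (hypothetical layout)
TAG_LEN = 8                     # truncated HMAC-SHA256 tag; length is an assumption


def build_frame(key, sensor_id, counter, event):
    """Sensor side: authenticate the header, counter included, with a per-sensor key."""
    header = HEADER.pack(sensor_id, counter, event)
    return header + hmac.new(key, header, hashlib.sha256).digest()[:TAG_LEN]


class StaticCodeReceiver:
    """Fixed-code behaviour as the advisory describes it: no freshness, no MAC."""
    def __init__(self, codes):
        self.codes = set(codes)

    def accept(self, frame):
        return frame in self.codes  # an identical capture is always accepted


class CounterMacReceiver:
    """Hardened receiver: MAC check first, then a strictly increasing counter."""
    def __init__(self, keys):
        self.keys = dict(keys)
        self.last = {sid: -1 for sid in keys}  # must survive reboots on real hardware

    def accept(self, frame):
        if len(frame) != HEADER.size + TAG_LEN:
            return False
        header, tag = frame[:HEADER.size], frame[HEADER.size:]
        sensor_id, counter, _event = HEADER.unpack(header)
        key = self.keys.get(sensor_id)
        if key is None:
            return False
        expected = hmac.new(key, header, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False                       # forged or modified frame
        if counter <= self.last[sensor_id]:
            return False                       # stale counter: replayed frame
        self.last[sensor_id] = counter
        return True


def demo():
    key = bytes(range(16))                     # constructed sample key
    weak, strong = StaticCodeReceiver([b"\xa5\x5a\x01"]), CounterMacReceiver({7: key})
    code, frame = b"\xa5\x5a\x01", build_frame(key, 7, 1, 0x01)
    return {"static_first": weak.accept(code), "static_replay": weak.accept(code),
            "mac_first": strong.accept(frame), "mac_replay": strong.accept(frame),
            "mac_next": strong.accept(build_frame(key, 7, 2, 0x01))}
```

Because the counter is covered by the MAC, a recorded frame cannot be given a fresh counter without the key, and a frame that fails verification does not advance the stored counter.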