CVE-2025-11540

7.5 HIGH

📋 TL;DR

A path traversal vulnerability in Sharp Display Solutions projectors allows attackers to read arbitrary files on the device's filesystem. This affects organizations using vulnerable Sharp projector models, potentially exposing sensitive configuration files or credentials stored on the projector.

💻 Affected Systems

Products:
  • Sharp Display Solutions projectors
Versions: Specific models and firmware versions not detailed in advisory
Operating Systems: Embedded projector firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations appear vulnerable based on advisory description

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of projector configuration, theft of stored credentials, exposure of network settings, and potential lateral movement to other network devices.

🟠 Likely Case

Unauthorized access to configuration files containing network settings, admin credentials, and projector operational data.

🟢 If Mitigated

Limited exposure of non-sensitive system files if proper network segmentation and access controls are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities typically require minimal technical skill to exploit once the details are public.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in advisory

Vendor Advisory: https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11540.html

Restart Required: Yes

Instructions:

1. Visit the Sharp Display Solutions support portal
2. Check for firmware updates for your projector model
3. Download and apply the latest firmware
4. Restart the projector to complete the installation

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Isolate projectors on separate VLAN with restricted access

Access Control Lists (applies to: all)

Implement firewall rules to restrict projector management interface access

🧯 If You Can't Patch

  • Remove projectors from internet-facing networks
  • Implement strict network access controls to projector management interfaces

🔍 How to Verify

Check if Vulnerable:

Check the projector firmware version against the vendor advisory and, if authorized, attempt a path traversal test.

Check Version:

Check projector web interface or physical display for firmware version

Verify Fix Applied:

Verify that the firmware version matches the patched version from the vendor and confirm that the path traversal is no longer possible.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns in projector logs
  • Multiple ../ sequences in HTTP requests

Network Indicators:

  • HTTP requests containing path traversal sequences to projector IPs

SIEM Query:

http.url:*../* AND dst_ip:projector_subnet
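The SIEM query above only matches a literal `../`, so a request that percent-encodes the sequence (`..%2f`, or double-encoded `%252e%252e%252f`) slips past it. The following is an added detection example, not part of the advisory or any Sharp tooling: it parses constructed access-log lines (the IPs, paths and timestamps are made up), percent-decodes each request path a bounded number of times, and flags traversal sequences that survive normalization.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in common log format (not from any real device).
SAMPLE_LOG = """\
10.0.5.20 - - [12/Oct/2025:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512
10.0.5.21 - - [12/Oct/2025:10:01:05 +0000] "GET /cgi-bin/view?file=../../../etc/passwd HTTP/1.1" 200 1024
10.0.5.21 - - [12/Oct/2025:10:01:06 +0000] "GET /cgi-bin/view?file=..%2f..%2fconfig.xml HTTP/1.1" 200 2048
10.0.5.22 - - [12/Oct/2025:10:01:09 +0000] "GET /cgi-bin/view?file=%252e%252e%252fetc%252fshadow HTTP/1.1" 404 0
10.0.5.23 - - [12/Oct/2025:10:01:10 +0000] "GET /images/logo..png HTTP/1.1" 200 300
"""

# Source address and request path from a common-log-format line.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')
# "../" anywhere, or a trailing "/.." with nothing after it.
TRAVERSAL_RE = re.compile(r'\.\./|/\.\.$')


def normalize_path(raw):
    """Percent-decode up to three times so single- and double-encoded
    traversal sequences collapse to plain '../'; unify backslashes."""
    path = raw
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace('\\', '/')


def has_traversal(raw_path):
    """True if the normalized path contains a directory-traversal sequence."""
    return TRAVERSAL_RE.search(normalize_path(raw_path)) is not None


def find_traversal_requests(log_text):
    """Return (source_ip, raw_path) for every request that looks like traversal."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if m and has_traversal(m.group('path')):
            hits.append((m.group('src'), m.group('path')))
    return hits


if __name__ == "__main__":
    for src, path in find_traversal_requests(SAMPLE_LOG):
        print(f"traversal attempt from {src}: {path}")
```

Note that `logo..png` is not flagged: two dots alone are legitimate in filenames, so the check requires the dots to be followed by a separator or end the path.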
