CVE-2025-15083 – This vulnerability allows physical attackers to... (How to Fix)

Q: What is the severity of CVE-2025-15083?

CVE-2025-15083 has a CVSS score of 2.0 (LOW). This vulnerability allows physical attackers to access the on-chip debug and test interface via the UART interface on TOZED ZLT M30s devices. Attackers could potentially extract sensitive data or modify device firmware. Only users of TOZED ZLT M30s devices up to version 1.47 are affected.

📋 TL;DR

This vulnerability allows physical attackers to access the on-chip debug and test interface via the UART interface on TOZED ZLT M30s devices. Attackers could potentially extract sensitive data or modify device firmware. Only users of TOZED ZLT M30s devices up to version 1.47 are affected.

💻 Affected Systems

Products:

TOZED ZLT M30s

Versions: Up to version 1.47

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: This is a hardware/firmware vulnerability affecting the UART debug interface. Physical access to the device is required for exploitation.

📦 What is this software?

Zlt M30s Firmware by Gztozed

View all CVEs affecting Zlt M30s Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Physical attackers could extract sensitive data, modify firmware, or gain persistent access to the device through the debug interface.

🟠

Likely Case

Limited impact requiring physical access to the device; most likely used for device analysis or firmware extraction by researchers or attackers with physical access.

🟢

If Mitigated

With proper physical security controls, the risk is minimal as attackers cannot access the UART interface.

🌐 Internet-Facing: LOW - This requires physical access to the device's UART interface.

🏢 Internal Only: MEDIUM - Physical access to devices in internal environments could allow exploitation by insiders or visitors.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: HIGH

Exploit details have been publicly disclosed. Physical access and specialized hardware/knowledge are required for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None - vendor did not respond to disclosure

Restart Required: No

Instructions:

No official patch available. Consider physical security controls or device replacement if concerned.

🔧 Temporary Workarounds

Physical Security Controls

all

Implement physical security measures to prevent unauthorized access to device UART interfaces

Disable or Protect UART Interface

all

Physically disable or protect the UART debug interface on affected devices

🧯 If You Can't Patch

Implement strict physical access controls to prevent unauthorized personnel from accessing devices
Consider replacing affected devices with newer models or versions if available

🔍 How to Verify

Check if Vulnerable:

Check device firmware version. If running version 1.47 or earlier, device is vulnerable.

Check Version:

Check device web interface or console for firmware version information

Verify Fix Applied:

No official fix available to verify. Physical inspection of UART interface protection would be required.

📡 Detection & Monitoring

Log Indicators:

Physical access logs showing unauthorized device access
Unexpected device reboots or configuration changes

Network Indicators:

None - this is a physical access vulnerability

SIEM Query:

Search for physical access violations or unauthorized device tampering events

📊 Metadata

CVE ID: CVE-2025-15083

CVSS v3 Score: 2.0 (LOW)

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE: CWE-1191

EPSS Score: 0.03% exploit probability (6.6th percentile)

Published: December 25, 2025

Last Updated: January 20, 2026

🔗 References

https://hacklab.eu.org/blogs/zlt_m30s_debug_interface Exploit,Third Party Advisory
https://vuldb.com/?ctiid.338411 Permissions Required,VDB Entry
https://vuldb.com/?id.338411 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.707974 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-15083, you might also want to check these: