Login Sign Up

CVE-2025-2121

6.3 MEDIUM

📋 TL;DR

A critical vulnerability in Thinkware Car Dashcam F800 Pro allows improper access controls in the File Storage component. Attackers on the same local network can exploit this to access unauthorized files. Only users of this specific dashcam model with firmware up to February 26, 2025 are affected.

💻 Affected Systems

Products:
  • Thinkware Car Dashcam F800 Pro
Versions: Up to firmware version 20250226
Operating Systems: Embedded dashcam firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices connected to local networks. Standalone operation without network connectivity is not vulnerable.

📦 What is this software?

F800 Pro Firmware by Thinkware

View all CVEs affecting F800 Pro Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full access to stored dashcam footage, potentially exposing sensitive location data, personal information, or compromising evidence.

🟠

Likely Case

Unauthorized access to dashcam recordings and stored files, potentially exposing private video footage and location history.

🟢

If Mitigated

Limited to no impact if device is isolated from untrusted networks and proper network segmentation is implemented.

🌐 Internet-Facing: LOW - The vulnerability requires local network access and cannot be exploited directly from the internet.
🏢 Internal Only: HIGH - Attackers on the same local network can exploit this vulnerability without authentication.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available on GitHub. Attack requires local network access but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Contact Thinkware support for firmware updates and monitor their website for security advisories.

🔧 Temporary Workarounds

Network Isolation

all

Disconnect dashcam from all networks or place on isolated VLAN

Disable Network Features

all

Turn off Wi-Fi and network connectivity in dashcam settings

🧯 If You Can't Patch

  • Physically disconnect dashcam from any network when not actively transferring files
  • Implement strict network segmentation to isolate dashcam from other devices

🔍 How to Verify

Check if Vulnerable:

Check dashcam firmware version in device settings. If version is 20250226 or earlier, device is vulnerable.

Check Version:

Check firmware version in dashcam settings menu (device-specific, no universal command)

Verify Fix Applied:

No verification possible until vendor releases patched firmware version.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized file access attempts in dashcam logs
  • Unexpected network connections to dashcam

Network Indicators:

  • Unusual file transfer patterns from dashcam
  • Multiple failed authentication attempts

SIEM Query:

No standard SIEM query available for embedded dashcam devices

📊 Metadata

CVE ID: CVE-2025-2121
CVSS v3 Score: 6.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-266
EPSS Score: 0.04% exploit probability (10.6th percentile)
Published: March 9, 2025
Last Updated: July 22, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-2121, you might also want to check these:

CVE-2026-23800 10.0

This vulnerability allows attackers to escalate privileges in Modular DS modular-connector WordPress...

Same vulnerability type (CWE-266)
CVE-2026-23550 10.0

This critical vulnerability in Modular DS allows attackers to escalate privileges due to incorrect p...

Same vulnerability type (CWE-266)
CVE-2025-41115 10.0

A critical vulnerability in Grafana's SCIM provisioning allows malicious SCIM clients to provision u...

Same vulnerability type (CWE-266)