CVE-2025-25650

9.1 CRITICAL

📋 TL;DR

This vulnerability in the Dorset DG 201 Digital Lock allows attackers to clone NFC cards by exploiting insecure storage of NFC data, enabling unauthorized physical access. It affects users of the specific lock model with vulnerable firmware. The high CVSS score reflects the authentication bypass risk.

💻 Affected Systems

Products:
  • Dorset DG 201 Digital Lock
Versions: H5_433WBSK_v2.2_220605
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific firmware version mentioned; other versions may have different security implementations.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete physical security compromise where attackers gain unrestricted access to secured premises by cloning legitimate NFC cards.

🟠 Likely Case

Unauthorized individuals clone existing NFC cards to gain physical access to buildings or rooms protected by these locks.

🟢 If Mitigated

With proper physical security controls and monitoring, impact is limited to specific compromised cards rather than entire access systems.

🌐 Internet-Facing: LOW - This is a physical access vulnerability requiring proximity to NFC cards, not internet exposure.
🏢 Internal Only: HIGH - The vulnerability allows physical access bypass within secured facilities using these locks.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Attack requires physical proximity to NFC cards and basic RFID cloning equipment. The GitHub reference includes detailed exploitation methodology.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch is available. Contact the vendor (Dorset) for firmware updates or replacement recommendations.

🔧 Temporary Workarounds

Physical Access Control Enhancement

Implement additional physical security layers beyond NFC authentication

NFC Card Management

Implement strict NFC card issuance, tracking, and revocation procedures

🧯 If You Can't Patch

  • Replace vulnerable locks with models using secure NFC implementations
  • Implement multi-factor physical access (NFC + PIN, biometric, or physical key backup)

🔍 How to Verify

Check if Vulnerable:

Check lock firmware version via manufacturer's app or physical inspection. Version H5_433WBSK_v2.2_220605 is vulnerable.

Check Version:

No standard command - check via manufacturer's mobile app or physical device interface.

Verify Fix Applied:

Verify firmware has been updated to a version not listed as vulnerable. Test with NFC cloning equipment if possible.

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns; multiple access attempts with the same card ID within a short time

Network Indicators:

  • Not applicable - physical access system

SIEM Query:

Not applicable for physical access systems without digital logging integration
