CVE-2025-30124
📋 TL;DR
This vulnerability affects Marbella KR8s Dashcam FF 2.0.8 devices, where inserting a new SD card causes the dashcam's password to be written in cleartext onto the card. Attackers with brief physical access can steal the password by swapping SD cards, potentially compromising the device's security.
💻 Affected Systems
- Marbella KR8s Dashcam FF
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker gains full administrative access to the dashcam, allowing them to disable security features, extract sensitive location/travel data, or install malicious firmware.
Likely Case
Local attackers with brief physical access steal the password and use it to access the dashcam's settings or stored data.
If Mitigated
With proper physical security controls, the dashcam remains protected as the vulnerability requires direct physical access to exploit.
🎯 Exploit Status
Exploitation requires physical access to the dashcam and a blank SD card. The process is simple: insert SD card, wait for password to be written, remove and read the password from the card.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://makagps.com/
Restart Required: No
Instructions:
No official patch available. Contact vendor Marbella/Makagps for firmware updates. Check vendor website for security advisories.
🔧 Temporary Workarounds
Disable password protection
allRemove password protection from the dashcam to prevent password exposure via SD card insertion.
Navigate to dashcam settings > Security > Disable password protection
Use encrypted SD cards
allUse hardware-encrypted SD cards that prevent reading of cleartext data without proper authentication.
🧯 If You Can't Patch
- Implement strict physical security controls for dashcams (locked compartments, tamper-evident seals)
- Regularly monitor dashcams for unauthorized SD card swaps or physical tampering
🔍 How to Verify
Check if Vulnerable:
Insert a blank SD card into the dashcam, remove it after device boots, and check if a password file exists in cleartext on the SD card.Check Version:
Check dashcam settings menu for firmware version information (typically under System > About or similar)Verify Fix Applied:
After applying any workaround, repeat the SD card insertion test to confirm no password is written in cleartext.📡 Detection & Monitoring
Log Indicators:
- Physical access logs showing SD card insertion events
- Security setting changes without authentication
Network Indicators:
- Unusual configuration changes to dashcam if connected to network
SIEM Query:
Not applicable - primarily physical security monitoring required🔗 References
- https://geochen.medium.com/marbella-dashcam-ab40ca41adec
- https://github.com/geo-chen/Marbella/
- https://github.com/geo-chen/Marbella/blob/main/README.md#finding-4---cve-2025-30124-passwords-are-stored-in-plaintext-and-can-be-retrieved-with-physical-contact
- https://makagps.com/
- https://github.com/geo-chen/Marbella/blob/main/README.md#finding-4---cve-2025-30124-passwords-are-stored-in-plaintext-and-can-be-retrieved-with-physical-contact
