CVE-2025-67135
📋 TL;DR
This vulnerability in the PF-50 1.2 keyfob of the PGST PG107 Alarm System allows attackers to perform code replay attacks, enabling unauthorized access to secured areas by capturing and retransmitting valid access codes. This affects all users of the PGST PG107 Alarm System version 1.25.05.hf with the vulnerable keyfob hardware.
💻 Affected Systems
- PGST PG107 Alarm System
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete physical security compromise where attackers gain unrestricted access to secured premises, potentially leading to theft, vandalism, or unauthorized entry to sensitive areas.
Likely Case
Unauthorized access to buildings or secured areas by attackers who can capture and replay keyfob signals from nearby locations.
If Mitigated
Limited impact if additional physical security controls (guards, secondary authentication) are in place to detect unauthorized access attempts.
🎯 Exploit Status
Requires physical proximity to capture keyfob signals and specialized RF equipment to replay them. No authentication bypass needed once signals are captured.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Contact vendor for updated firmware/hardware
Vendor Advisory: https://neutsec.io/advisories/cve-2025-67135
Restart Required: No
Instructions:
1. Contact PGST for updated keyfob hardware or firmware patch. 2. Replace vulnerable PF-50 1.2 keyfobs with updated versions. 3. Update alarm system firmware if available.
🔧 Temporary Workarounds
Physical Security Enhancement
allImplement additional physical security controls to compensate for vulnerable keyfobs
Keyfob Usage Monitoring
allMonitor and log all keyfob usage patterns to detect anomalies
🧯 If You Can't Patch
- Replace vulnerable keyfobs with alternative access control methods (keypads, biometrics)
- Implement secondary authentication for all sensitive areas (guard verification, dual-factor)
🔍 How to Verify
Check if Vulnerable:
Check keyfob model number (PF-50 1.2) and alarm system firmware version (1.25.05.hf)Check Version:
Check system settings menu or contact vendor for version verificationVerify Fix Applied:
Verify replacement keyfobs have different model numbers or updated firmware from vendor📡 Detection & Monitoring
Log Indicators:
- Multiple access attempts from same keyfob in short time
- Access attempts at unusual hours
- Access patterns inconsistent with normal usage
Network Indicators:
- RF signal capture devices detected near premises
- Unusual RF activity in keyfob frequency range
SIEM Query:
Access logs showing repeated keyfob usage within implausible timeframes