CVE-2025-67399 – This vulnerability allows a physically proximat... (How to Fix)

Q: What is the severity of CVE-2025-67399?

CVE-2025-67399 has a CVSS score of 4.6 (MEDIUM). This vulnerability allows a physically proximate attacker to extract sensitive information from the AIRTH SMART HOME AQI MONITOR via its exposed UART port on the BK7231N controller. Attackers can access bootloader data and potentially obtain credentials or device secrets. Only users of this specific smart home monitor with physical access to the device are affected.

📋 TL;DR

This vulnerability allows a physically proximate attacker to extract sensitive information from the AIRTH SMART HOME AQI MONITOR via its exposed UART port on the BK7231N controller. Attackers can access bootloader data and potentially obtain credentials or device secrets. Only users of this specific smart home monitor with physical access to the device are affected.

💻 Affected Systems

Products:

AIRTH SMART HOME AQI MONITOR

Versions: Bootloader v.1.005

Operating Systems: Embedded firmware on BK7231N controller

Default Config Vulnerable: ⚠️ Yes

Notes: The vulnerability exists in the default configuration where UART debugging ports are left accessible without proper protection.

📦 What is this software?

Smart Home Aqi Monitor Bootloader by Airth

View all CVEs affecting Smart Home Aqi Monitor Bootloader →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers obtain device credentials, encryption keys, or firmware secrets, enabling further attacks on the smart home ecosystem or user privacy compromise.

🟠

Likely Case

Local attackers extract bootloader information and potentially device identifiers, but may not obtain highly sensitive operational data without additional vulnerabilities.

🟢

If Mitigated

With physical security controls preventing unauthorized access to device ports, the vulnerability has minimal impact.

🌐 Internet-Facing: LOW - This requires physical access to the device's UART port, not remote exploitation.

🏢 Internal Only: MEDIUM - In environments where devices are physically accessible (homes, offices), attackers with brief physical access could exploit this.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires physical access to the device and basic UART communication tools (serial adapter, terminal software). The GitHub repository contains detailed exploitation documentation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://airth.com (no specific advisory found)

Restart Required: No

Instructions:

No official patch available. Contact vendor for firmware updates that disable or secure UART access.

🔧 Temporary Workarounds

Physical UART Port Disable

all

Physically disable or obscure the UART port to prevent access

Device Physical Security

all

Place device in secure location where physical ports cannot be accessed

🧯 If You Can't Patch

Implement strict physical access controls to prevent unauthorized personnel from accessing devices
Consider replacing vulnerable devices with updated models if vendor releases fixed versions

🔍 How to Verify

Check if Vulnerable:

Connect to device's UART port using serial adapter (typically 3.3V, 115200 baud) and check if bootloader information is accessible without authentication.

Check Version:

Check bootloader version via UART connection or device firmware settings if available.

Verify Fix Applied:

Attempt UART connection after vendor patch - should require authentication or show no response.

📡 Detection & Monitoring

Log Indicators:

Physical tampering indicators, unexpected device resets

Network Indicators:

None - this is physical access only

SIEM Query:

Not applicable for network-based detection

📊 Metadata

CVE ID: CVE-2025-67399

CVSS v3 Score: 4.6 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

EPSS Score: 0.02% exploit probability (4.8th percentile)

Published: January 14, 2026

Last Updated: February 12, 2026

🔗 References

http://airth.com Permissions Required
https://github.com/rupeshsurve04/CVE-2025-67399/blob/main/AIRTH_SMART_HOME_AQI_MONITOR_CVE-2025-67399.pdf Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-67399, you might also want to check these: