CVE-2025-7070

4.3 MEDIUM

📋 TL;DR

CVE-2025-7070 is a resource-exhaustion (denial-of-service) weakness in the MFA Pairing Request Handler of the IROAD Dashcam Q9, firmware builds up to 20250624. An unauthenticated attacker on the same local network can flood the handler with MFA pairing requests; because the device does not bound the resources each request consumes, pairing stalls or the device becomes unresponsive. The attacker must be on the dashcam's network (Wi-Fi or LAN), so Internet-only exposure does not apply, but no credentials or prior pairing are needed.

💻 Affected Systems

Products:
  • IROAD Dashcam Q9
Versions: Up to and including firmware build 20250624 (builds are identified by a YYYYMMDD date stamp)
Operating Systems: Embedded dashcam firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Every Q9 running a build up to 20250624 is affected out of the box; no fixed build is known. The attacker needs access to the device's local network but no authentication.

📦 What is this software?

IROAD Dashcam Q9 is a vehicle dash camera. Its firmware exposes a short-range pairing service (Wi-Fi/Bluetooth) used to link the camera with a companion mobile app, and the firmware build is identified by a date-stamped version such as 20250624.

⚠️ Risk & Real-World Impact

🔴 Worst Case: The device exhausts its resources handling the flood and becomes unresponsive, blocking legitimate pairing and potentially disrupting normal dashcam operation.

🟠 Likely Case: Pairing is temporarily unavailable while the flood lasts; legitimate users cannot pair a phone until the attacker stops.

🟢 If Mitigated: Minimal impact when the dashcam sits on its own network segment that untrusted hosts cannot reach and pairing is only enabled while in use.

🌐 Internet-Facing: LOW. The attack vector is the local (adjacent) network, so an attacker who is only on the Internet is not positioned to exploit it.
🏢 Internal Only: MEDIUM. Anyone already on the same Wi-Fi or LAN segment can exploit it without authentication, but has to deliberately target the dashcam rather than hit it incidentally.
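To make the failure mode concrete, here is an added illustrative model (not IROAD firmware code, which is not public) of a pairing-request handler that allocates unbounded per-request state, beside one that caps and expires that state. Class names, limits, the pairing-token format and the client identity field are assumptions for the example.

```python
"""Illustrative model (added example, not IROAD firmware) of the failure mode behind
CVE-2025-7070: a pairing-request handler that allocates state per request with no
cap, beside a bounded version. Names, limits and token format are assumptions."""
import secrets


class UnboundedPairingHandler:
    """Every request creates a pending pairing entry; nothing caps or expires it,
    so a flood from spoofed client identities grows the table without limit."""

    def __init__(self):
        self.pending = {}  # pairing_token -> (client_id, created_at)

    def request_pairing(self, client_id, now):
        token = secrets.token_hex(8)  # assumed opaque pairing token
        self.pending[token] = (client_id, now)
        return token


class BoundedPairingHandler:
    """Same interface, but the pending table is the only per-client state and it is
    capped in size, capped per client, and expired by age."""

    MAX_PENDING_TOTAL = 8        # assumed: a dashcam pairs with a handful of phones
    MAX_PENDING_PER_CLIENT = 1   # one outstanding token per client identity
    PENDING_TTL_SECONDS = 60     # unconfirmed tokens die after a minute

    def __init__(self):
        self.pending = {}  # pairing_token -> (client_id, created_at)

    def _expire(self, now):
        # Drop entries older than the TTL so a flood cannot pin the table forever.
        for token, (_, created) in list(self.pending.items()):
            if now - created > self.PENDING_TTL_SECONDS:
                del self.pending[token]

    def request_pairing(self, client_id, now):
        self._expire(now)
        outstanding = sum(1 for cid, _ in self.pending.values() if cid == client_id)
        if outstanding >= self.MAX_PENDING_PER_CLIENT:
            return None  # client already has a live token; do not issue another
        if len(self.pending) >= self.MAX_PENDING_TOTAL:
            return None  # table full: refuse rather than grow (bounded degradation)
        token = secrets.token_hex(8)
        self.pending[token] = (client_id, now)
        return token

    def confirm_pairing(self, token, client_id, now):
        """Second factor presented by the user; consumes the pending entry."""
        self._expire(now)
        entry = self.pending.get(token)
        if entry is None or entry[0] != client_id:
            return False
        del self.pending[token]
        return True


def simulate_flood(handler, n_requests, now=0.0):
    """Send n pairing requests from n distinct (spoofed) client identities and
    return how many pending entries the handler holds afterwards."""
    for i in range(n_requests):
        handler.request_pairing(f"spoofed-client-{i}", now)
    return len(handler.pending)


if __name__ == "__main__":
    print("unbounded pending after 500 requests:", simulate_flood(UnboundedPairingHandler(), 500))
    print("bounded pending after 500 requests:  ", simulate_flood(BoundedPairingHandler(), 500))
```

The bounded handler trades the worst case for the likely case: a flood can still occupy all MAX_PENDING_TOTAL slots until they expire, so pairing is degraded for one TTL, but the device's memory no longer grows with the number of requests and the device itself stays responsive.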

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: Unknown (no in-the-wild exploitation is reported; the public PoC and low complexity mean little skill is required)
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A proof of concept has been published in a GitHub repository. Exploitation consists of sending a high volume of MFA pairing requests to the dashcam from a host on its local network; no credentials or prior pairing are required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None known (no fixed firmware build has been published)

Vendor Advisory: None available; the vendor did not respond to the disclosure

Restart Required: N/A (no fix to apply)

Instructions:

There is no official patch. Check the IROAD website and the companion app for a firmware build newer than 20250624 and apply the workarounds below in the meantime.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Put the dashcam on its own VLAN or Wi-Fi network that only the phone or app used for pairing can reach. If the Q9 is used as its own Wi-Fi access point, "local network" means anyone who can join that access point, so a strong, non-default Wi-Fi password is the segmentation step that matters.

Disable Unused Network Services (all platforms)

Turn off Wi-Fi or Bluetooth pairing when not actively pairing a device. The pairing handler cannot be flooded while the service is disabled, and legitimate pairing happens only occasionally.

🧯 If You Can't Patch

  • Physically secure the installation and keep pairing disabled except while in use, limiting who can get onto the dashcam's network
  • Monitor the dashcam's network segment for bursts of pairing requests from a single host (see Detection & Monitoring)

🔍 How to Verify

Check if Vulnerable:

Read the firmware build number from the dashcam settings or the companion mobile app. If the installed build is 20250624 or earlier, the device is vulnerable; a newer build should not be assumed fixed unless the vendor says it addresses this issue.

Check Version:

Dashcam device interface (settings menu) or the companion mobile app.

Verify Fix Applied:

Nothing to verify until IROAD publishes a fixed build. Once an update is available, confirm the installed build number is newer than 20250624 and, if you have a test device, re-run the public PoC against it to confirm the flood no longer degrades the device.

📡 Detection & Monitoring

Log Indicators:

  • Repeated MFA pairing attempts that never complete
  • Pairing requests far more frequent than real pairing, which legitimately happens only occasionally

Network Indicators:

  • High volume of MFA pairing requests to the dashcam from a single source address
  • Pairing requests from hosts that never legitimately pair with the device

SIEM Query (pseudo-syntax; adapt field names to your sensor):

source_ip="local_network" AND event_type="mfa_pairing_request" AND count > threshold

Caveat: a consumer dashcam does not ship logs to a SIEM, so these events have to come from a network sensor (flow exporter, IDS or packet capture) on the dashcam's Wi-Fi/VLAN segment, and the pairing traffic must be identifiable there. Where no sensor exists, the practical indicator is the symptom itself: pairing that suddenly fails or a device that stops responding.
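The query above is only a sketch; the following added example (not from the advisory, the vendor or the PoC) implements the per-source rate check it describes over constructed sensor records. The record layout, field names, IP addresses and the event name are assumptions; adapt them to whatever your flow exporter or IDS emits for traffic to the dashcam.

```python
"""Added example (not from the advisory or vendor): per-source sliding-window
detection of MFA pairing-request floods over constructed sensor records.
Record format, field names and addresses are assumptions for the example."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Assumed record layout from a network sensor on the dashcam segment:
#   <ISO-8601 UTC timestamp> src=<ip> dst=<ip> event=<name>
RECORD_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) src=(?P<src>\S+) dst=(?P<dst>\S+) event=(?P<event>\S+)$"
)
PAIRING_EVENT = "mfa_pairing_request"  # assumed event name emitted by the sensor


def parse_record(line):
    """Return a dict with epoch seconds and fields, or None for lines that do not match."""
    m = RECORD_RE.match(line.strip())
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts.timestamp(), "src": m["src"], "dst": m["dst"], "event": m["event"]}


def detect_pairing_floods(lines, window_seconds=60, threshold=5):
    """Alert once per source the first time it exceeds `threshold` pairing requests
    within any `window_seconds` window. Records must arrive in time order."""
    recent = defaultdict(deque)  # src -> timestamps of pairing requests still in the window
    alerted = set()
    alerts = []
    for line in lines:
        rec = parse_record(line)
        if rec is None or rec["event"] != PAIRING_EVENT:
            continue
        q = recent[rec["src"]]
        q.append(rec["ts"])
        while q and rec["ts"] - q[0] > window_seconds:
            q.popleft()  # slide the window forward
        if len(q) > threshold and rec["src"] not in alerted:
            alerted.add(rec["src"])
            alerts.append({"src": rec["src"], "dst": rec["dst"], "count": len(q), "at": rec["ts"]})
    return alerts


def build_sample_log():
    """Constructed sample: one phone pairing normally, one host flooding the dashcam."""
    base = datetime(2025, 7, 1, 12, 0, 0, tzinfo=timezone.utc)

    def stamp(secs):
        return (base + timedelta(seconds=secs)).strftime("%Y-%m-%dT%H:%M:%SZ")

    dashcam = "192.168.1.20"
    lines = [
        f"{stamp(0)} src=192.168.1.50 dst={dashcam} event={PAIRING_EVENT}",     # legitimate phone
        f"{stamp(40)} src=192.168.1.50 dst={dashcam} event={PAIRING_EVENT}",    # retry, still benign
        f"{stamp(45)} src=192.168.1.50 dst={dashcam} event=video_stream_open",  # unrelated traffic
        "garbage line the sensor should never have emitted",                     # exercises parse failure
    ]
    # 20 pairing requests in 20 seconds from one host: the flood pattern
    lines += [f"{stamp(5 + i)} src=192.168.1.77 dst={dashcam} event={PAIRING_EVENT}" for i in range(20)]
    return sorted(lines)  # ISO timestamps sort lexically; the garbage line sorts last and is skipped


if __name__ == "__main__":
    for a in detect_pairing_floods(build_sample_log()):
        print(f"ALERT {a['src']} -> {a['dst']}: {a['count']} pairing requests within 60s")
```

The threshold is deliberately low because legitimate pairing is rare; tune window_seconds and threshold to what your own pairing flow generates (a phone retrying a few times should never trip it, a scripted flood should trip it within seconds).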
