How severe is CVE-2025-30117?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2025-30117?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2025-30117 - HIGH Severity | CVSS 7.3

Vulnerability Description

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information through the settings interface. Remote attackers can modify power management settings, disable recording, delete stored footage, and turn off battery protection, leading to potential denial-of-service conditions and vehicle battery drainage.

Related Vulnerabilities

CVE-2016-4531

HIGH

CVSS:7.3(High)

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattende...

CWE-2852016

CVE-2019-1604

HIGH

CVSS:7.3(High)

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is du...

CWE-2852019

CVE-2021-0260

HIGH

CVSS:7.3(High)

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads an unauthenticated attacker being able to perform SNMP read ...

CWE-2852021

CVE-2022-34405

HIGH

CVSS:7.3(High)

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to ...

CWE-2852022

CVE-2023-0734

HIGH

CVSS:7.3(High)

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.4.

CWE-2852023

CVE-2023-27594

HIGH

CVSS:7.3(High)

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source ...

CWE-2852023