CVE-2025-12049

CRITICAL

Sharp Mp-01 Firmware - Missing Authentication

Title source: rule

Description

Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the authoring software to the affected product without authentication.

References (1)

[Vendor Advisory] https://sharp-displays.jp.sharp/global/support/info/MP01-CVE-2025-12049.html

Scores

CVSS v3 9.8

EPSS 0.0010

EPSS Percentile 26.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-306

Status published

Affected Products (1)

sharp/mp-01_firmware

Timeline

Published Dec 22, 2025

Tracked Since Feb 18, 2026