CVE-2025-1879

LOW

i-Drive i11-i12 <20250227 - Hard-Coded Credentials

Title source: llm

Description

A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.

References (4)

[Third Party Advisory] https://vuldb.com/?id.298193

[Permissions Required] https://vuldb.com/?ctiid.298193

[Third Party Advisory] https://vuldb.com/?submit.510950

[Third Party Advisory] https://github.com/geo-chen/i-Drive

View Writeup ZIP pw:eip

Scores

CVSS v3 2.4

EPSS 0.0017

EPSS Percentile 38.1%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-259 CWE-798

Status published

Products (2)

i-drive/i11_firmware < 20250227

i-drive/i12_firmware < 20250227

Published Mar 03, 2025

Tracked Since Feb 18, 2026