CVE-2025-25650

CRITICAL

Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-25650. PoCs published by AbhijithAJ.

AI-analyzed exploit summary This repository contains a writeup for CVE-2025-25650, a vulnerability in Dorset Smart Lock, with no exploit code provided. It references an attached PDF for further details.

Description

An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 allows attackers to produce cloned NFC cards to bypass authentication.

Exploits (1)

nomisec WRITEUP

by AbhijithAJ · poc

https://github.com/AbhijithAJ/Dorset_SmartLock_Vulnerability

View Code ZIP pw:eip

This repository contains a writeup for CVE-2025-25650, a vulnerability in Dorset Smart Lock, with no exploit code provided. It references an attached PDF for further details.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Dorset Smart Lock (version unspecified)

No auth needed

Prerequisites: Access to the attached PDF for vulnerability details

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources

https://github.com/AbhijithAJ/Dorset_SmartLock_Vulnerability/blob/main/Dorset_Smart_Lock_Security_Assessment_Report.pdf

View Writeup ZIP pw:eip

Various Sources

https://media.blackhat.com/us-13/US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Slides.pdf

Various Sources

https://www.getkisi.com/blog/how-to-copy-access-cards-and-keyfobs

Scores

CVSS v3 9.1

EPSS 0.0075

EPSS Percentile 49.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-522

Status published

Published Mar 17, 2025

Tracked Since Feb 18, 2026