CVE-2025-65552

CRITICAL

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 - Info Disclosure

Title source: llm

Description

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames and replay them to trigger false alarms.

References (3)

[Not Applicable] http://d3d.com

[Third Party Advisory] https://github.com/EmbdCDACHyd/CVE/tree/main/CVE-2025-65552

View Writeup ZIP pw:eip

[Product] https://d3dsecurity.com/products/wifi-home-security-system-model-g12

Scores

CVSS v3 9.8

EPSS 0.0013

EPSS Percentile 31.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-294

Status published

Products (1)

d3dsecurity/zx-g12_firmware 2.1.17

Published Jan 12, 2026

Tracked Since Feb 18, 2026