CVE-2025-67399

MEDIUM

AIRTH SMART HOME AQI MONITOR Bootloader 1.005 - Unauthenticated Sensitive Information Exposure via UART Port

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-67399. PoCs published by rupeshsurve04.

AI-analyzed exploit summary This repository describes a hardware-based vulnerability in the AIRTH Smart Home AQI Monitor, where physical access to UART pins allows unauthorized firmware extraction due to missing hardware protections. The writeup details the process but does not include exploit code.

Description

An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller (Wi-Fi and BLE module) on the device is open to access

Exploits (1)

nomisec WRITEUP
by rupeshsurve04 · poc
https://github.com/rupeshsurve04/CVE-2025-67399

This repository describes a hardware-based vulnerability in the AIRTH Smart Home AQI Monitor, where physical access to UART pins allows unauthorized firmware extraction due to missing hardware protections. The writeup details the process but does not include exploit code.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: AIRTH Smart Home AQI Monitor (Firmware 2.1.17)
No auth needed
Prerequisites: Physical access to the device · USB-to-TTL converter · Vendor-provided tools
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 4.6
EPSS 0.0015
EPSS Percentile 4.8%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-200
Status published
Products (1)
airth/smart_home_aqi_monitor_bootloader 1.005
Published Jan 14, 2026
Tracked Since Feb 18, 2026