CVE-2025-69822

HIGH

Atomberg Erica Smart Fan Firmware - Information Disclosure

Title source: rule

Description

An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame

Exploits (1)

nomisec SUSPICIOUS

by CipherX1802 · poc

https://github.com/CipherX1802/CVE-2025-69822-Atomberg_Erica_SmatFan_Security_Assessment

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://github.com/CipherX1802/CVE-2025-69822-Atomberg_Erica_SmatFan_Security_Assessment.git

[Exploit, Third Party Advisory] https://github.com/CipherX1802/CVE-2025-69822-Atomberg_Erica_SmatFan_Security_Assessment/blob/main/Atomberg_Erica_SmatFan_Security_Assessment_Report.pdf

Scores

CVSS v3 7.4

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Classification

CWE

CWE-284 CWE-287 CWE-200 CWE-294

Status published

Affected Products (1)

atomberg/erica_smart_fan_firmware

Timeline

Published Jan 22, 2026

Tracked Since Feb 18, 2026