CVE-2025-30113CRITICAL 9.8EPSS p32.9%

CVE-2025-30113CVE-2025-30113

Description

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These credentials, stored in cleartext, can be exploited by an attacker who gains access to the dashcam's network.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.41% probability of exploitation · percentile 32.9% · 2026-06-19T12:03:05Z
Published2025-03-18
Last modified2025-05-22

Underlying weaknesses· 1

CWE-798

References

  1. https://github.com/geo-chen/Hella
  2. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26

1

TypeTargetConfidenceTier
WeaknessUse of Hard-coded Credentialscwe-7980%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30114
CVE
CVE-2025-30115
CVE
CVE-2025-30137
CVE
CVE-2025-30127
CVE
CVE-2025-30122
CVE
CVE-2025-30106
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.