CVE-2025-30114CRITICAL 9.1EPSS p31.9%

CVE-2025-30114CVE-2025-30114

Description

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the authentication process and gain full access to the dashcam's features without proper authorization.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.40% probability of exploitation · percentile 31.9% · 2026-06-18T12:00:27Z
Published2025-03-18
Last modified2025-05-22

Underlying weaknesses· 1

CWE-287

References

  1. https://github.com/geo-chen/Hella
  2. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26

1

TypeTargetConfidenceTier
WeaknessImproper Authenticationcwe-2870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30113
CVE
CVE-2025-30115
CVE
CVE-2025-30142
CVE
CVE-2025-30124
CVE
CVE-2025-7070
CVE
CVE-2025-1104
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.