CVE Catalog

CVE-2025-65552

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile - higher than 27% of all known CVEs

Summary

The D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The lack of rolling codes, message authentication, or anti-replay protection allows an attacker within RF range to record valid alarm/control frames and replay them to trigger false alarms.

Risk Assessment

The risk involves the ability to remotely trigger false alarms by an attacker within radio range, potentially leading to unnecessary emergency responses, reduced system trustworthiness, and possible masking of actual intrusions.

Recommendation

Immediately contact the vendor for a firmware update implementing rolling codes and message authentication. Until an update is available, consider deploying additional physical security measures or replacing the system with one resistant to replay attacks.

Original NVD description (English source)

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames and replay them to trigger false alarms.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS