CVE-2025-69515
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk37th percentile — higher than 37% of all known CVEs
Summary
A vulnerability in the Android system of the JXL 9 Inch Car Android Double Din Player version 12.0 allows an attacker to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location.
Risk Assessment
The risk is that an attacker can manipulate the vehicle's location, potentially affecting navigation apps, safety systems, or other GPS-dependent functions, leading to incorrect routes or false alerts.
Recommendation
It is recommended to update the radio firmware to the latest version if a patch is available from the manufacturer, and to implement GPS signal authentication mechanisms such as filtering or cross-referencing with other location sources.
Original NVD description (English source)
An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location.

