216.73.217.64

CVE-2025-59104

· Published 26/01/2026 10:16 · Modified 26/01/2026 15:03

Labels: CVE-2025-59104 2026-01-26551230f0-3615-47bd-b7cc-93e92e730bbfCVE-2025-59104CWE-1234

Essential information

Published
26/01/2026 10:16
Modified
26/01/2026 15:03
Author
Creator
CVSS
7.0 HIGH (v3) 7.0 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through this vulnerability.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
551230f0-3615-47bd-b7cc-93e92e730bbf
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / * cpe:2.3:h:*:*:*:*:*:*:*:*:*:*
* / linux cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*
* / * cpe:2.3:a:*:*:*:*:*:*:*:*:*:*

References