{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-31702", "assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "state": "PUBLISHED", "assignerShortName": "dahua", "dateReserved": "2025-04-01T05:57:11.782Z", "datePublished": "2025-10-15T05:53:35.664Z", "dateUpdated": "2025-10-15T13:25:09.791Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "IPC", "vendor": "Dahua", "versions": [{"status": "affected", "version": "Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, and limited to versions which build time prior to 1st July 2025 (not including 1st July 2025)."}]}, {"defaultStatus": "unaffected", "product": "SD", "vendor": "Dahua", "versions": [{"status": "affected", "version": "Affected products include certain models from the SD3A, SD2A, SD3D, SDT2A, and SD2C series, and limited to versions which build time prior to 1st July 2025 (not including 1st July 2025)."}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may cause tampering with admin password, leading to privilege escalation. Systems with only admin account are not affected.</span>"}], "value": "A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may cause tampering with admin password, leading to privilege escalation. Systems with only admin account are not affected."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "shortName": "dahua", "dateUpdated": "2025-10-15T05:53:35.664Z"}, "references": [{"url": "https://www.dahuasecurity.com/aboutUs/trustedCenter/details/777"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-15T13:24:13.780409Z", "id": "CVE-2025-31702", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-15T13:25:09.791Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-31702", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-15T13:24:13.780409Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-15T13:24:16.790Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dahua", "product": "IPC", "versions": [{"status": "affected", "version": "Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, and limited to versions which build time prior to 1st July 2025 (not including 1st July 2025)."}], "defaultStatus": "unaffected"}, {"vendor": "Dahua", "product": "SD", "versions": [{"status": "affected", "version": "Affected products include certain models from the SD3A, SD2A, SD3D, SDT2A, and SD2C series, and limited to versions which build time prior to 1st July 2025 (not including 1st July 2025)."}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.dahuasecurity.com/aboutUs/trustedCenter/details/777"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may cause tampering with admin password, leading to privilege escalation. Systems with only admin account are not affected.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may cause tampering with admin password, leading to privilege escalation. Systems with only admin account are not affected.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "shortName": "dahua", "dateUpdated": "2025-10-15T05:53:35.664Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31702", "state": "PUBLISHED", "dateUpdated": "2025-10-15T13:25:09.791Z", "dateReserved": "2025-04-01T05:57:11.782Z", "assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad", "datePublished": "2025-10-15T05:53:35.664Z", "assignerShortName": "dahua"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may cause tampering with admin password, leading to privilege escalation. Systems with only admin account are not affected."}], "id": "CVE-2025-31702", "lastModified": "2025-10-15T06:15:42.907", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.2, "source": "cybersecurity@dahuatech.com", "type": "Secondary"}]}, "published": "2025-10-15T06:15:42.907", "references": [{"source": "cybersecurity@dahuatech.com", "url": "https://www.dahuasecurity.com/aboutUs/trustedCenter/details/777"}], "sourceIdentifier": "cybersecurity@dahuatech.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cybersecurity@dahuatech.com", "type": "Secondary"}]}

{}

{}