VYPR

CMS8000

by Contec Co., Ltd.

CVEs (2)

  • CVE-2025-1204HigFeb 25, 2025
    risk 0.50cvss epss 0.00

    The "update" binary in the firmware of the affected product sends attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function triggers if the 'C' button is pressed at a specific time during the boot process. If an…

  • CVE-2022-38453Sep 13, 2022
    risk 0.00cvss epss 0.00

    Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debug_info' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional…