Byd · Byd Qin Plus Dm-I Dilink Os · CVE-2025-28169
**Name of the Vulnerable Software and Affected Versions**
BYD QIN PLUS DM-i Dilink OS versions v3.0 13.1.7.2204050.1 through v3.0 13.1.7.2312290.1 0
**Description**
The issue allows attackers to execute a man-in-the-middle attack because the affected software sends broadcasts to the manufacturer's cloud server unencrypted.
**Recommendations**
For versions v3.0 13.1.7.2204050.1 through v3.0 13.1.7.2312290.1 0, consider implementing encryption for broadcasts to the cloud server as a mitigation measure.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.