CVE-2025-8656

Name of the Vulnerable Software and Affected Versions Kenwood DMX958XR (affected versions not specified)

Description A flaw exists within the libSystemLib library that allows physically present attackers to downgrade the software on affected Kenwood DMX958XR devices without authentication. This is due to a lack of proper validation of version information before performing an update. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.