PT-2026-4755 · K7+1
Published 2026-01-26 · Updated 2026-01-26
CVE-2025-59105
CVSS v4.0: 7.0 (High)
Vector: AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
K7 and K5 device models (affected versions not specified)
Description
Because the flash memory is not encrypted, an attacker with physical access to the device and sufficient time can desolder it, modify its contents, and reinstall it. This allows reading and modification of essential files, such as /etc/passwd, stored certificates, cryptographic keys, and stored PINs, potentially leading to SSH root access on the Linux-based K7 model. On the Windows CE-based K5 model, the password for the Access Manager can be read in plain text from the stored SQLite database.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration
Cleartext Storage of Sensitive Information
Related Identifiers
Affected Products
K5
K7