Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Incorrect authentication in ParkingDoor

Posted date 21/07/2025
Identificador
INCIBE-2025-0390
Importance
3 - Medium
Affected Resources

ParkingDoor, 2016.08.11.1 version.

Description

INCIBE has coordinated the publication of a medium severity vulnerability affecting ParkingDoor, a system for managing the opening of garage doors. The vulnerability was discovered by Carlos Galean.

This vulnerability has been assigned the following code, CVSS v4.0 base score, CVSS vector and vulnerability type CWE:

  • CVE-2025-41100: CVSS v4.0: 5.9 | CVSS AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N | CWE-284
Solution

No solution reported at this time.

Detail

CVE-2025-41100: incorrect authentication vulnerability in ParkingDoor. Through this vulnerability it is possible to operate the device without the access being logged in the application and even if the access permissions have been revoked.

CVE
Explotación
No
Nuevo Fabricante
ParkingDoor
Identificador CVE
CVE-2025-41100
Severidad
Media
References list
Parkingdoor
Etiquetas