How to fix CVE-2025-2119?

During next maintenance window: Apply vendor patches when convenient. Monitor vendor channels for updates.

Is Thinkware Car Dashcam F800 Pro affected by CVE-2025-2119?

CVE-2025-2119 is a low-severity vulnerability in Thinkware Car Dashcam F800 Pro (CVSS 1.0). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation. Apply vendor updates when available as part of routine maintenance.

Thinkware Car Dashcam F800 Pro CVE-2025-2119

LOW

Use of Default Credentials (CWE-1392)

2025-03-09 [email protected]

Information Disclosure

1.0

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Physical

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:30 vuln.today

CVE Published

Mar 09, 2025 - 09:15 nvd

LOW 1.0

DescriptionNVD

A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. Rated low severity (CVSS 1.0), this vulnerability is no authentication required. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Use of Default Credentials (CWE-1392), which allows attackers to gain access using factory-default usernames and passwords. A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Version information: up to 20250226..

Affected ProductsAI

Thinkware Car Dashcam F800 Pro up to 20250226. It has been declared as problematic. This vulnerability affects unknown code of the component Device Registration Handler. The manipulation leads to use of default credentials. It.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Force credential change on first use, remove default accounts, document required credential changes.

CVE-2025-2119 vulnerability details – vuln.today

Back