Which versions of BlackVue Dashcam are affected by EUVD-2025-20272?

Organizations using BlackVue Dashcam 590X should be aware of moderate risk from CVE-2025-7076 rated CVSS 5.4. Exploitation could compromise the security of affected deployments.

Is there a public PoC exploit available for EUVD-2025-20272?

Yes, a public proof-of-concept exploit is available for EUVD-2025-20272. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate EUVD-2025-20272?

Within 30 days: Identify affected systems running BlackVue Dashcam 590X and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

BlackVue Dashcam EUVD-2025-20272

Q: What is the CVSS score of EUVD-2025-20272?

EUVD-2025-20272 has a CVSS 4.0 base score of 2.1 (Low). CVSS vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.2%.

| CVE-2025-7076 LOW

Incorrect Privilege Assignment (CWE-266)

2025-07-06 cna@vuldb.com

Information Disclosure

2.1

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

2.1 LOW

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:11 NVD

MEDIUM LOW

CVSS changed

Apr 29, 2026 - 01:11 NVD

5.4 (MEDIUM) 2.1 (LOW)

EUVD ID Assigned

Mar 16, 2026 - 03:31 euvd

EUVD-2025-20272

Analysis Generated

Mar 16, 2026 - 03:31 vuln.today

PoC Detected

Oct 01, 2025 - 19:01 vuln.today

Public exploit code

CVE Published

Jul 06, 2025 - 01:15 nvd

MEDIUM 5.4

DescriptionCVE.org

A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

A security vulnerability in BlackVue Dashcam 590X (CVSS 5.4). Risk factors: public PoC available.

Technical ContextAI

Vulnerability type not specified by vendor. Affects BlackVue Dashcam 590X.

RemediationAI

Monitor vendor channels for patch availability.

EUVD-2025-20272 vulnerability details – vuln.today

Back