JVNDB-2025-002592

Multiple vulnerabilities in CHOCO TEI WATCHER mini

Overview

CHOCO TEI WATCHER mini provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below.

* Use of client-side authentication (CWE-603) - CVE-2025-24517
* Storing passwords in a recoverable format (CWE-257) - CVE-2025-24852
* Weak password requirements (CWE-521) - CVE-2025-25211
* Forced browsing (CWE-425) - CVE-2025-26689

Andrea Palanca of Nozomi Networks reported these vulnerabilities to the developer and CISA ICS.
JPCERT/CC coordinated with the reporter, CISA ICS, and the developer.

CVSS Severity

CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2025-25211


CVSS V3 Severity:
Base Metrics: 7.5 (High) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2025-24517


CVSS V3 Severity:
Base Metrics: 4.6 (Medium) [Other]
  • Attack Vector: Physical
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2025-24852


CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [Other]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2025-26689

Affected Products

INABA DENKI SANGYO CO., LTD.
  • CHOCO TEI WATCHER mini (IB-MCT001) all versions

Impact

* A remote attacker may obtain the product's login password without authentication (CVE-2025-24517)
* An attacker who can access the microSD card used on the product may obtain the product's login password (CVE-2025-24852)
* A brute-force attack may allow an attacker to gain unauthorized access and log in (CVE-2025-25211)
* If a remote attacker sends a specially crafted HTTP request to the product, the product's data may be obtained or deleted, and/or the product's settings may be altered (CVE-2025-26689)

Solution

[Apply the Workaround]
The following workarounds may mitigate the impacts of these vulnerabilities.

* Use the product within a LAN and block access from untrusted networks and hosts through firewalls
* Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when internet access is required, and restrict internet access to the minimum
* Restrict operation of the product (including use/handling of microSD cards on the product) to authorized users only

For more details, refer to the information provided by the developer.

Vendor Information

INABA DENKI SANGYO CO., LTD.

CWE

  1. Storing Passwords in a Recoverable Format (CWE-257) [Other]
  2. Direct Request ('Forced Browsing') (CWE-425) [Other]
  3. Weak Password Requirements (CWE-521) [Other]
  4. Use of Client-Side Authentication (CWE-603) [Other]

CVE

  1. CVE-2025-24517
  2. CVE-2025-24852
  3. CVE-2025-25211
  4. CVE-2025-26689

References

  1. JVN : JVNVU#91154745
  2. ICS-CERT ADVISORY : ICSA-25-084-04
  3. Related document : Unpatched Vulnerabilities in Production Line Cameras May Allow Remote Surveillance, Hinder Stoppage Recording

Revision History

  • [2025/03/26]
      Web page was published