JVNDB-2025-004863

Panasonic IR Control Hub vulnerable to Unauthorised firmware loading

Overview

IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware.

IR Control Hub provided by Panasonic verifies the hash value of the firmware being loaded at boot, but it continues booting with that firmware even when it detects that the hash value does not match the expected value (CWE-354).
Moreover, the product has a UART interface on the board, and the interface is enabled (CWE-1299).
When connected directly to this UART interface, the device can be controlled through this interface (CVE-2025-1073).
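
The CWE-354 condition described above, as an added C example that is not Panasonic's code and does not come from the advisory: a hypothetical boot check that detects a hash mismatch but boots anyway, beside a version that halts. The function names, the sample images and the FNV-1a stand-in digest are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Stand-in digest (64-bit FNV-1a) so the example is self-contained.
   Assumption: a real boot loader would use a cryptographic hash or a
   signature check here; only the control flow below is the point. */
static uint64_t digest(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

enum boot_result { BOOT_IMAGE = 0, BOOT_HALT = 1 };

/* Hypothetical flawed flow: the mismatch is detected and recorded,
   but the return value never depends on it, so boot continues. */
enum boot_result boot_fail_open(const uint8_t *img, size_t n,
                                uint64_t expected, int *mismatch) {
    *mismatch = (digest(img, n) != expected);
    return BOOT_IMAGE;
}

/* Corrected flow: a mismatch or a missing image ends the boot path. */
enum boot_result boot_fail_closed(const uint8_t *img, size_t n,
                                  uint64_t expected, int *mismatch) {
    *mismatch = (img == NULL || n == 0 || digest(img, n) != expected);
    return *mismatch ? BOOT_HALT : BOOT_IMAGE;
}

/* Constructed sample images; the expected value is derived from the first. */
static const uint8_t good_image[]     = "constructed-firmware-image-A";
static const uint8_t modified_image[] = "constructed-firmware-image-B";

int main(void) {
    uint64_t expected = digest(good_image, sizeof good_image);
    int mismatch;
    /* Exit status 0 only if the fail-closed path halts on the modified image. */
    return boot_fail_closed(modified_image, sizeof modified_image,
                            expected, &mismatch) == BOOT_HALT ? 0 : 1;
}
```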

Shravan Singh reported this vulnerability to the developer and coordinated. After the coordination was completed, Shravan Singh and the developer reported the case to JPCERT/CC to notify users of the solution through JVN.

CVSS Severity

Affected Products


Panasonic Corporation
  • IR Control Hub 1.17 and earlier

Impact

An attacker with physical access to the affected product may load unauthorized firmware.

Solution

[Update the Firmware]
Update the firmware to the latest version.
According to the developer, the product automatically updates when it can communicate with the update server operated by the developer.

Vendor Information

Panasonic Corporation

CWE

  1. Missing Protection Mechanism for Alternate Hardware Interface (CWE-1299) [Other]
  2. Improper Validation of Integrity Check Value (CWE-354) [Other]

CVE

  1. CVE-2025-1073

References

  1. JVN : JVNVU#94857368

Revision History

  • [2025/05/14]
      Web page was published