Unauthorized Password Reset Vulnerability in AC Smart II by LG Electronics
CVE-2025-10204

7.1HIGH

Key Information:

Vendor: Lg Electronics
Status: Ac Smart Ii
Vendor: CVE Published:; 14 September 2025

🔔 Create Lg Electronics Vulnerability Alert

What is CVE-2025-10204?

A significant vulnerability has been identified in AC Smart II, allowing unauthorized users to change administrator passwords. This flaw stems from a hidden form in the application that can be manipulated using browser developer tools. Attackers can exploit this weakness to gain administrative access without needing to authenticate or possess valid user permissions, posing severe risks to system integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AC Smart II 2.1.9

References

https://lgsecurity.lge.com/bulletins

vendor-advisory

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Sep 14, 2025
Vulnerability Reserved
Sep 10, 2025

JSON

Lg Electronics

What is CVE-2025-10204?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

EPSS Score

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.