Bypass Authentication Flaw in IROAD X5 Dashcams
CVE-2025-30110

6.5MEDIUM

Key Information:

Vendor: IROAD
Status: X5 Dashcam
Vendor: CVE Published:; 18 March 2025

What is CVE-2025-30110?

In IROAD X5 dashcams, a vulnerability exists that allows bypassing the device pairing process through MAC address spoofing. The pairing mechanism's dependency on solely verifying MAC addresses makes it susceptible to exploitation. An attacker can easily capture the MAC address of an already-paired device using an ARP scan, enabling unauthorized access by impersonating this existing MAC address. This serious security oversight underscores the urgent need for improved authentication measures in dashcam technology.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://iroad-dashcam.nl/iroad/iroad-x5/

https://github.com/geo-chen/IROAD-V

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 18, 2025
Vulnerability Reserved
Mar 17, 2025

JSON

IROAD

What is CVE-2025-30110?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.