Local Privilege Escalation in Pioneer DMH-WT7600NEX Devices
CVE-2025-5834

4.4MEDIUM

Key Information:

Vendor: Pioneer
Status: Dmh-wt7600nex
Vendor: CVE Published:; 25 June 2025

What is CVE-2025-5834?

The Pioneer DMH-WT7600NEX devices contain a local privilege escalation vulnerability caused by the absence of a properly configured hardware root of trust. This flaw allows an attacker with local access to bypass the authentication mechanism and execute arbitrary code during the boot process. The vulnerability stems from issues in the device's system-on-chip configuration, enabling attackers to escalate their privileges and potentially gain full control over the affected installations.

Affected Version(s)

DMH-WT7600NEX 3.05

References

https://www.zerodayinitiative.com/advisories/ZDI-25-351/

x_research-advisory

CVSS V3.0

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2025
Vulnerability Reserved
Jun 6, 2025