Vulnerability Description
In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_lin
- https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637
- https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_lin
- https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637
FAQ
What is CVE-2025-61081?
CVE-2025-61081 is a vulnerability with a CVSS score of 7.5 (HIGH). In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Su...
How severe is CVE-2025-61081?
CVE-2025-61081 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-61081?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.