CVE-2025-65825 — MEDIUM (4.6)

Vulnerability Description

The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump for analysis. Within the NVS partition they may discover the credentials of the current and previous Wi-Fi networks. This information could be used to gain unauthorized access to the victim's Wi-Fi network.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Meatmeet	Meatmeet Pro Wifi \& Bluetooth Meat Thermometer Firmware	1.0.34.4
Meatmeet	Meatmeet Pro Wifi \& Bluetooth Meat Thermometer	-

Related Weaknesses (CWE)

CWE-311

References

https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-flasThird Party Advisory
https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Device/FThird Party Advisory

FAQ

What is CVE-2025-65825?

CVE-2025-65825 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump...

How severe is CVE-2025-65825?

CVE-2025-65825 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-65825?

Check the references section above for vendor advisories and patch information. Affected products include: Meatmeet Meatmeet Pro Wifi \& Bluetooth Meat Thermometer Firmware, Meatmeet Meatmeet Pro Wifi \& Bluetooth Meat Thermometer.