CVE-2025-61081

Published: Mag 19, 2026 Last Modified: Mag 19, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: physical
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: changed
Confidentiality: low
Integrity: high
Availability: high

Description

AI Translation Available

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0002
Percentile
0,1th
Updated

Single Data Point

Only one EPSS measurement is available for this CVE. Trend analysis requires multiple data points over time.

307

Improper Restriction of Excessive Authentication Attempts

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control
Potential Impacts:
Bypass Protection Mechanism
Applicable Platforms
All platforms may be affected
View CWE Details
https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c201…
https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_li…
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db…
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637
https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c201…
https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_li…
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db…
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637