CVE-2025-61081 - Vulnerability Details - OpenCVE

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Byd	Atto3

No data.

No data.

References

Link	Providers
https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link
https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637

History

Wed, 20 May 2026 11:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Byd Byd atto3
Vendors & Products		Byd Byd atto3

Tue, 19 May 2026 21:15:00 +0000

Type	Values Removed	Values Added
Title	Unauthorized ECU Flashing via Brute-Forced Authentication Key
Weaknesses	CWE-522

Tue, 19 May 2026 19:30:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 19 May 2026 18:45:00 +0000

Type	Values Removed	Values Added
Title		Unauthorized ECU Flashing via Brute-Forced Authentication Key
Weaknesses		CWE-307 CWE-522

Tue, 19 May 2026 17:45:00 +0000

Type	Values Removed	Values Added
Description		In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.
References		https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-05-19T00:00:00.000Z

Updated: 2026-05-19T18:13:43.105Z

Reserved: 2025-09-26T00:00:00.000Z

Link: CVE-2025-61081

Vulnrichment

Updated: 2026-05-19T18:11:05.124Z

NVD

Status : Deferred

Published: 2026-05-19T18:16:19.767

Modified: 2026-05-19T21:05:49.167

Link: CVE-2025-61081

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-61081", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-05-19T18:13:43.105Z", "dateReserved": "2025-09-26T00:00:00.000Z", "datePublished": "2026-05-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-05-19T17:32:02.055Z"}, "descriptions": [{"lang": "en", "value": "In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link"}, {"url": "https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-307", "lang": "en", "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts"}]}], "references": [{"url": "https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link", "tags": ["exploit"]}, {"url": "https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637", "tags": ["exploit"]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-05-19T18:11:46.135176Z", "id": "CVE-2025-61081", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-19T18:13:43.105Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-61081", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-05-19T18:11:46.135176Z"}}}], "references": [{"url": "https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link", "tags": ["exploit"]}, {"url": "https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637", "tags": ["exploit"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-307", "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-19T18:11:05.124Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.notion.so/BYD-Atto3-26215fb6156c8000b338db3c2011f637?source=copy_link"}, {"url": "https://www.notion.so/CVE-2025-61081-26215fb6156c8000b338db3c2011f637"}], "descriptions": [{"lang": "en", "value": "In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-05-19T17:32:02.055Z"}}}, "cveMetadata": {"cveId": "CVE-2025-61081", "state": "PUBLISHED", "dateUpdated": "2026-05-19T18:13:43.105Z", "dateReserved": "2025-09-26T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-05-19T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}