What is CVE-2025-1882?

CVE-2025-1882 is a medium-severity vulnerability in I-drive I11, classified under CWE-1262. CVSS score: 5.0/10. Published 2025-03-03.

How severe is CVE-2025-1882?

Medium severity. CVSS v3 base score is 5.0 out of 10.

Is CVE-2025-1882 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in I-drive I11

CVE-2025-1882

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control…

EPSS: 0.001 (32.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.0 (Medium). Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

I-drive I11 — versions 20250227
I-drive I12 — versions 20250227

Weakness classification (CWE)

Public proof-of-concept exploits

geo-chen/i-Drive

References

VDB-298196 | i-Drive i11/i12 Device Setting improper access control for register interface (vdb-entry)
VDB-298196 | CTI Indicators (IOB, IOC) (signature, permissions-required)
Submit #510955 | i-DRIVE Dashcam i11, i12 Improper Access Control for Register Interface (third-party-advisory)
github.com/geo-chen/i-Drive (related)

Frequently asked questions

What is CVE-2025-1882?: CVE-2025-1882 is a medium-severity vulnerability in I-drive I11, classified under CWE-1262. CVSS score: 5.0/10. Published 2025-03-03.
How severe is CVE-2025-1882?: Medium severity. CVSS v3 base score is 5.0 out of 10.
Is CVE-2025-1882 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.