CVE-2025-65825

CVSS 4.6 - MEDIUM
Description

The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump for analysis. Within the NVS partition they may discover the credentials of the current and previous Wi-Fi networks. This information could be used to gain unauthorized access to the victim's Wi-Fi network.

Affected Products
2
Vendor Product Version
meatmeet meatmeet_pro_wifi_\&_bluetooth_meat_thermometer_firmware 1.0.34.4
meatmeet meatmeet_pro_wifi_\&_bluetooth_meat_thermometer -
References
https://gist.github.com/dead1nfluence/4dffc239b4a4...
https://github.com/dead1nfluence/Meatmeet-Pro-Vuln...
Weakness Types
CWE-311
CVE Information
CVE ID:
CVE-2025-65825
Published:
2025-12-10
Modified:
2025-12-30
CVSS Score:
4.6
Severity:
MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Vendors
meatmeet
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL