CVE-2025-55619

Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cwe.mitre.org/data/definitions/321.html	Product
https://cwe.mitre.org/data/definitions/329.html	Product
https://developer.android.com/reference/kotlin/androidx/security/crypto/EncryptedSharedPreferences	Third Party Advisory
https://nvd.nist.gov/vuln/detail/CVE-2020-25173	Not Applicable
https://www.notion.so/Reolink-Android-App-Uses-Hardcoded-AES-Key-and-IV-for-Sensitive-Data-Decryption-21a43700364280dc95bedcf6ac1a5db0	Exploit Third Party Advisory
https://relieved-knuckle-264.notion.site/Reolink-Android-App-Uses-Hardcoded-AES-Key-and-IV-for-Sensitive-Data-Decryption-21a43700364280dc95bedcf6ac1a5db0	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:reolink:reolink:4.54.0.4.20250526:*:*:*:*:android:*:*

History

No history.

Information

Published : 2025-08-22 17:15

Updated : 2025-08-28 13:34

NVD link : CVE-2025-55619

Mitre link : CVE-2025-55619

CVE.ORG link : CVE-2025-55619

JSON object : View

Products Affected

reolink

reolink

CWE

CWE-321

Use of Hard-coded Cryptographic Key

{"id": "CVE-2025-55619", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-08-22T17:15:32.727", "references": [{"url": "https://cwe.mitre.org/data/definitions/321.html", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://cwe.mitre.org/data/definitions/329.html", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://developer.android.com/reference/kotlin/androidx/security/crypto/EncryptedSharedPreferences", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25173", "tags": ["Not Applicable"], "source": "[email protected]"}, {"url": "https://www.notion.so/Reolink-Android-App-Uses-Hardcoded-AES-Key-and-IV-for-Sensitive-Data-Decryption-21a43700364280dc95bedcf6ac1a5db0", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://relieved-knuckle-264.notion.site/Reolink-Android-App-Uses-Hardcoded-AES-Key-and-IV-for-Sensitive-Data-Decryption-21a43700364280dc95bedcf6ac1a5db0", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-321"}]}], "descriptions": [{"lang": "en", "value": "Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering."}, {"lang": "es", "value": "Se descubri\u00f3 que Reolink v4.54.0.4.20250526 conten\u00eda una clave de cifrado y un vector de inicializaci\u00f3n codificados. Un atacante podr\u00eda aprovechar esta vulnerabilidad para descifrar los tokens de acceso y de sesi\u00f3n web almacenados en la aplicaci\u00f3n mediante ingenier\u00eda inversa."}], "lastModified": "2025-08-28T13:34:45.180", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:reolink:reolink:4.54.0.4.20250526:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "70143B66-5C3A-4F6C-9CCE-C6048C950695"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}