PatchSiren cyber security CVE debrief
CVE-2025-65552 D3dsecurity CVE debrief
The D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks due to the lack of rolling codes, message authentication, and anti-replay protection on its 433 MHz sensor communication channel. This allows an attacker within RF range to record and replay valid alarm/control frames, triggering false alarms or potentially disabling alarms. Organizations and individuals using this system should prioritize patching. Security teams monitoring IoT and home security systems should be aware of this critical vulnerability with a CVSS score of 9.8, indicating a high severity level.
- Vendor
- D3dsecurity
- Product
- Wi‑Fi Home Security System ZX‑G12
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-12
- Original CVE updated
- 2026-07-05
- Advisory published
- 2026-01-12
- Advisory updated
- 2026-07-05
Who should care
Organizations and individuals using the D3D Wi-Fi Home Security System ZX-G12 v2.1.1 should prioritize patching. Security teams monitoring IoT and home security systems should be aware of this critical vulnerability.
Technical summary
CVE-2025-65552 is a critical vulnerability in the D3D Wi-Fi Home Security System ZX-G12 v2.1.1. The system uses a 433 MHz sensor communication channel without implementing crucial security measures such as rolling codes, message authentication, or anti-replay protection. This oversight allows attackers within RF range to intercept valid alarm and control frames, record them, and replay them to trigger false alarms or potentially disable alarms. The vulnerability has a CVSS score of 9.8, indicating a high severity level.
Defensive priority
High priority should be given to patching or mitigating this vulnerability, especially in environments where the security system's functionality is critical.
Recommended defensive actions
- Apply firmware updates or patches if available from the vendor.
- Implement additional security measures such as encryption for RF communications.
- Change default settings and credentials for the security system.
- Monitor RF traffic for suspicious activity.
- Consider replacing the system if no patch is available.
Evidence notes
The CVE record and NVD details were used to assess this vulnerability. Specific evidence of exploitation is not provided, but defenders should verify system configurations, check for firmware updates, and monitor RF traffic for suspicious activity. The lack of detailed technical information limits further analysis, emphasizing the need for caution and prompt mitigation.
Official resources
-
CVE-2025-65552 CVE record
CVE.org
-
CVE-2025-65552 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
-
Source reference
134c704f-9b21-4f2e-91b3-4a467353bcc0 - Product
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-01-12T15:16:03.607Z and has not been modified since then.