CVE-2025-5876: Missing Authentication in Lucky LM-520-SC

Severity: Medium
Published: Mon Jun 09 2025 (06/09/2025, 12:00:16 UTC)
Source: CVE Database V5
Vendor/Project: Lucky
Product: LM-520-SC

Description

A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

Last updated: 07/09/2025, 12:39:35 UTC

Technical Analysis

CVE-2025-5876 is a vulnerability identified in the Lucky LM-520-SC, LM-520-FSC, and LM-520-FSC-SAM devices, specifically affecting versions up to 20250321. The vulnerability is characterized by missing authentication in an unspecified functionality, which allows an attacker to remotely exploit the device without any authentication, user interaction, or privileges. The exact functionality impacted is not detailed, but the absence of authentication implies that unauthorized users can potentially access or manipulate the device remotely. The vulnerability has a CVSS 4.0 base score of 6.9, indicating a medium severity level. The vector string (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P) highlights that the attack can be performed over the network with low attack complexity, requires no privileges or user interaction, and affects confidentiality to a limited extent, with no impact on integrity or availability. The exploit has been publicly disclosed, increasing the risk of exploitation, although no known exploits in the wild have been reported yet. The vendor has been contacted but has not responded or provided a patch, leaving affected devices potentially exposed. Given the lack of authentication, attackers could leverage this vulnerability to gain unauthorized access to device functions, potentially leading to information disclosure or unauthorized control depending on the device's role and capabilities. The Lucky LM-520 series are specialized devices, and the missing authentication flaw represents a significant security gap that could be exploited remotely without detection or barriers.
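The vector string quoted above can be decoded mechanically. The following is an added example, not part of the original advisory: it accepts the vector with or without the `CVSS:4.0/` prefix (the page omits it), validates the mandatory base metrics, and reports which impact metrics are actually set to something other than None. Function names are illustrative, and only the base metrics and E are handled.

```python
# Added example: decode a CVSS 4.0 vector into triage facts (base metrics plus E only).
IMPACT = {"H": "High", "L": "Low", "N": "None"}
IMPACT_KEYS = ("VC", "VI", "VA", "SC", "SI", "SA")
METRICS = {
    "AV": {"N": "Network", "A": "Adjacent", "L": "Local", "P": "Physical"},
    "AC": {"L": "Low", "H": "High"},
    "AT": {"N": "None", "P": "Present"},
    "PR": {"N": "None", "L": "Low", "H": "High"},
    "UI": {"N": "None", "P": "Passive", "A": "Active"},
    **{key: IMPACT for key in IMPACT_KEYS},
    "E": {"X": "Not Defined", "A": "Attacked", "P": "Proof-of-Concept", "U": "Unreported"},
}
BASE = ("AV", "AC", "AT", "PR", "UI") + IMPACT_KEYS

# Vector exactly as printed in the advisory (no version prefix).
PAGE_VECTOR = "AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"


def parse_vector(vector):
    """Return {metric: value}; raise ValueError on malformed or incomplete input."""
    parts = vector.strip().split("/")
    if parts[0].startswith("CVSS:"):
        if parts[0] != "CVSS:4.0":
            raise ValueError(f"unsupported version prefix {parts[0]!r}")
        parts = parts[1:]
    parsed = {}
    for part in parts:
        key, sep, value = part.partition(":")
        if not sep or key not in METRICS or value not in METRICS[key]:
            raise ValueError(f"invalid or unsupported metric {part!r}")
        if key in parsed:
            raise ValueError(f"duplicate metric {key!r}")
        parsed[key] = value
    missing = [key for key in BASE if key not in parsed]
    if missing:
        raise ValueError(f"missing base metrics: {missing}")
    return parsed


def triage(vector):
    """Summarise what the vector claims about reachability, impact and exploit maturity."""
    m = parse_vector(vector)
    return {
        "unauthenticated_remote": m["AV"] == "N" and m["PR"] == "N" and m["UI"] == "N",
        "impacted": [key for key in IMPACT_KEYS if m[key] != "N"],
        "exploit_maturity": METRICS["E"][m.get("E", "X")],
    }
```

For the advisory's vector, `triage(PAGE_VECTOR)` lists only `VC` as impacted, which is the "limited confidentiality, no integrity or availability impact" reading given in the paragraph above.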

Potential Impact

For European organizations using Lucky LM-520 series devices, this vulnerability poses a tangible risk of unauthorized remote access. Depending on the deployment context—such as industrial control systems, telecommunications infrastructure, or other critical operational environments—attackers could exploit this flaw to gather sensitive information, disrupt operations, or pivot to other internal systems. The lack of authentication means that any attacker with network access to these devices could attempt exploitation, potentially leading to breaches of confidentiality or unauthorized configuration changes. The public disclosure of the exploit increases the urgency for mitigation, as threat actors may develop or adapt tools to exploit this vulnerability. Organizations in sectors with high reliance on these devices, such as manufacturing, utilities, or communications, could face operational disruptions or data leaks. Additionally, the vendor's non-responsiveness and absence of patches exacerbate the risk, forcing organizations to rely on compensating controls. The medium severity rating reflects limited impact on integrity and availability but does not diminish the risk of unauthorized access and information exposure. European entities must consider the potential for targeted attacks, especially in critical infrastructure or high-value environments where these devices are deployed.

Mitigation Recommendations

Given the absence of vendor patches, European organizations should implement immediate compensating controls. First, restrict network access to the affected devices by segmenting them into isolated network zones with strict firewall rules allowing only trusted management hosts. Employ network-level authentication and VPNs to limit exposure. Continuous monitoring of network traffic to and from these devices should be established to detect anomalous access attempts. If possible, disable or restrict the vulnerable functionality until a patch or vendor guidance is available. Employ intrusion detection or prevention systems (IDS/IPS) with signatures or heuristics tuned to detect exploitation attempts targeting this vulnerability. Regularly audit device configurations and logs for unauthorized access indicators. Organizations should also engage with the vendor for updates and consider alternative devices if remediation is not forthcoming. Finally, maintain up-to-date asset inventories to identify all affected devices and prioritize mitigation efforts accordingly.
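One way to check the segmentation and monitoring controls described above, as an added example that is not part of the original advisory: it audits flow-log records against an inventory of affected devices and a management allowlist. The addresses, ports, log format and names are constructed placeholders. Because the affected functionality is unspecified, every port on an affected device is treated as in scope.

```python
import ipaddress

# Constructed placeholders (RFC 5737 documentation ranges), not values from the advisory.
AFFECTED_DEVICES = {"192.0.2.10", "192.0.2.11"}             # from the asset inventory
MGMT_NETS = [ipaddress.ip_network("198.51.100.0/28")]       # trusted management hosts

# Constructed sample flow log: "<timestamp> <src> <dst> <dport> <action>"
SAMPLE_LOG = """\
2025-06-10T08:00:01Z 198.51.100.5 192.0.2.10 80 ALLOW
2025-06-10T08:03:17Z 203.0.113.44 192.0.2.10 80 ALLOW
2025-06-10T08:03:20Z 203.0.113.44 192.0.2.11 80 DENY
2025-06-10T08:05:02Z 198.51.100.5 192.0.2.99 443 ALLOW
bad line
"""


def audit_flows(log_text):
    """Return (line_number, kind, detail) for every flow that violates the allowlist.

    kind is "exposure" when a non-management source was allowed through to an
    affected device, "blocked_attempt" when the firewall denied it, and
    "unparsed" for records that cannot be evaluated and need manual review.
    """
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        if len(fields) != 5:
            findings.append((lineno, "unparsed", line))
            continue
        _ts, src, dst, dport, action = fields
        if dst not in AFFECTED_DEVICES:
            continue  # not one of the inventoried LM-520 devices
        try:
            src_ip = ipaddress.ip_address(src)
        except ValueError:
            findings.append((lineno, "unparsed", line))
            continue
        if any(src_ip in net for net in MGMT_NETS):
            continue  # expected management traffic
        kind = "exposure" if action == "ALLOW" else "blocked_attempt"
        findings.append((lineno, kind, f"{src} -> {dst}:{dport}"))
    return findings
```

An "exposure" finding means the firewall rule set still lets an untrusted source reach a device that performs no authentication of its own, so it should be fixed before the "blocked_attempt" entries are investigated.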

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-06-08T18:01:47.296Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 6846d2137b622a9fdf219091

Added to database: 6/9/2025, 12:22:43 PM

Last enriched: 7/9/2025, 12:39:35 PM

Last updated: 8/16/2025, 5:18:57 AM
