CVE-2025-60855 identifies a vulnerability in the Reolink Video Doorbell WiFi model DB_566128M5MP_W, where the device fails to properly validate the cryptographic signatures of firmware updates. This insufficient validation flaw allows an attacker who already has high-level privileges on the device to bypass firmware integrity checks and load malicious firmware images. The malicious firmware can execute arbitrary code with root privileges, effectively giving the attacker full control over the device. The vulnerability is categorized under CWE-77, which relates to improper neutralization of special elements used in a command ('Command Injection'). The CVSS v3.1 base score is 5.1, indicating a medium severity level, with the vector showing local attack vector (AV:L), low attack complexity (AC:L), requiring privileges (PR:H), no user interaction (UI:N), unchanged scope (S:U), low confidentiality impact (C:L), high integrity impact (I:H), and no availability impact (A:N). This means exploitation requires an attacker to have high privileges locally on the device, but once exploited, the attacker can compromise the device’s integrity by executing arbitrary code as root. No known exploits are currently reported in the wild, and no patches have been released yet. The vulnerability poses a risk primarily to environments where these doorbells are deployed and where attackers might gain privileged access, such as through other vulnerabilities or insider threats.

For European organizations, this vulnerability could lead to unauthorized control over physical security devices, undermining the integrity and trustworthiness of video doorbell systems. Compromise of these devices could allow attackers to manipulate video feeds, disable alerts, or use the device as a foothold for further network intrusion. Although the confidentiality impact is low, the high integrity impact means attackers can alter device behavior, potentially bypassing security monitoring or enabling surveillance evasion. Organizations relying on Reolink video doorbells for perimeter security or access control could face increased risks of physical security breaches. The requirement for local high privileges limits remote exploitation but does not eliminate risk, especially in environments with weak internal security controls or where attackers have already gained partial access. The absence of patches increases exposure duration. This vulnerability could also affect privacy compliance under European regulations if surveillance data integrity is compromised.

European organizations should immediately audit and restrict access to Reolink video doorbell devices, ensuring that only trusted administrators have high-level privileges. Network segmentation should isolate these devices from critical infrastructure to limit lateral movement if compromised. Continuous monitoring of device firmware integrity and behavior anomalies can help detect exploitation attempts. Organizations should establish strict firmware update policies, applying vendor patches promptly once available. Until patches are released, consider disabling remote firmware updates or restricting update sources to trusted networks. Employ strong authentication mechanisms and change default credentials to reduce the risk of privilege escalation. Additionally, conduct regular security assessments of IoT devices in the environment to identify and remediate privilege escalation paths that could lead to exploitation of this vulnerability.