The D3D Wi-Fi Home Security System ZX-G12 version 2.1.1 suffers from a critical security vulnerability identified as CVE-2025-65552. The system communicates with its sensors over a 433 MHz RF channel but lacks fundamental security mechanisms such as rolling codes, message authentication codes (MAC), and anti-replay protections. These omissions allow an attacker within RF range to passively capture valid alarm or control frames transmitted by legitimate sensors or controllers. The attacker can then replay these captured frames to the system, causing it to accept the replayed signals as genuine. This replay attack can trigger false alarms or unauthorized control commands, undermining the system’s reliability and trustworthiness. The vulnerability is classified under CWE-294 (Authentication Bypass by Capture-Replay). The CVSS v3.1 base score of 9.8 reflects the vulnerability’s critical nature, with network attack vector, no required privileges or user interaction, and high impact on confidentiality, integrity, and availability. No patches or firmware updates are currently available, and no exploits have been observed in the wild yet. The lack of cryptographic protections in the communication protocol is the root cause, making the system vulnerable to straightforward RF replay attacks.

For European organizations, especially residential users, small businesses, and property management firms relying on the D3D ZX-G12 system, this vulnerability can lead to frequent false alarms, causing operational disruptions and potential desensitization to real security events. False alarms may also incur financial penalties from local authorities or emergency services. Attackers could exploit this to create distractions or cover for other malicious activities. The integrity and availability of the security system are compromised, reducing trust in the system’s alerts and controls. Confidentiality is also impacted as attackers can infer system states by monitoring RF communications. The absence of known exploits in the wild suggests a window for proactive mitigation, but the critical severity demands urgent attention. The impact is more pronounced in densely populated urban areas where RF range overlaps are common, increasing the likelihood of attackers being within range.

Immediate mitigation steps include: 1) Contacting the vendor for firmware updates or security patches that implement rolling codes, message authentication, and anti-replay mechanisms. 2) If no updates are available, consider replacing the vulnerable system with a security solution that uses cryptographically secured RF communications. 3) Physically securing the system’s sensors and controllers to limit attacker proximity and RF interception opportunities. 4) Employ RF shielding or signal jamming countermeasures where legally permissible to reduce the effective attack range. 5) Implement monitoring and alerting for unusual alarm patterns that may indicate replay attacks. 6) Educate users and security personnel about the risk of false alarms and the importance of verifying alarms before response. 7) Regularly audit and test the security system for anomalous behavior. These steps go beyond generic advice by focusing on the unique RF replay attack vector and the lack of cryptographic protections.