CVE-2025-65825 identifies a vulnerability in the Meatmeet basestation firmware where the firmware is stored without encryption. This lack of encryption allows an adversary with physical access to the device to disassemble it and connect to its UART interface to dump the firmware. Within the firmware's non-volatile storage (NVS) partition, the attacker can retrieve stored Wi-Fi credentials, including those of current and previous networks. These credentials are stored in plaintext, violating confidentiality principles. The vulnerability is classified under CWE-311 (Missing Encryption of Sensitive Data). The CVSS v3.1 score is 4.6 (medium severity), reflecting that exploitation requires physical access (AV:P), no privileges (PR:N), no user interaction (UI:N), and results in high confidentiality impact (C:H) but no integrity or availability impact (I:N/A:N). The vulnerability does not require authentication, but physical access is mandatory. No patches or known exploits are currently reported. The primary risk is unauthorized access to Wi-Fi networks, potentially enabling lateral movement or data exfiltration within the victim's network environment.

For European organizations, the primary impact is the potential compromise of Wi-Fi network credentials, which can lead to unauthorized network access. This is particularly concerning for organizations with sensitive or critical operations relying on Meatmeet devices, as attackers could leverage the extracted credentials to infiltrate internal networks, bypassing perimeter defenses. The confidentiality breach could expose sensitive communications and data transmitted over the compromised Wi-Fi networks. Although the vulnerability does not directly affect system integrity or availability, the resulting network access could facilitate further attacks, including data theft, espionage, or lateral movement to critical systems. Organizations with devices deployed in publicly accessible or physically unprotected locations are at higher risk. The absence of encryption in firmware storage also indicates potential weaknesses in device security design, raising concerns about other undiscovered vulnerabilities.

1. Physically secure Meatmeet devices to prevent unauthorized access or tampering, especially in public or shared spaces. 2. Implement strict access controls and surveillance around device deployment areas to detect and deter physical attacks. 3. Network segmentation should be employed to isolate Meatmeet devices and their associated Wi-Fi networks from critical infrastructure and sensitive data systems. 4. Regularly monitor network traffic for unusual access patterns or unauthorized connections that may indicate credential compromise. 5. Advocate for or request firmware updates from the vendor that implement encryption of firmware storage and secure handling of sensitive credentials. 6. Consider replacing or supplementing Meatmeet devices with alternatives that follow stronger security practices if firmware encryption is not forthcoming. 7. Educate staff about the risks of physical device access and enforce policies to report lost or tampered devices promptly.