CVE-2025-67135: n/a

Severity: Critical
Type: Vulnerability
Published: Wed Feb 11 2026 (02/11/2026, 00:00:00 UTC)
Source: CVE Database V5

Description

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 02/19/2026, 14:06:10 UTC

Technical Analysis

CVE-2025-67135 identifies a critical security vulnerability in the PF-50 1.2 keyfob component of the PGST PG107 Alarm System version 1.25.05.hf. The vulnerability stems from weak security controls that allow an attacker to capture and replay the keyfob's access code, effectively bypassing the system's access control mechanisms. This replay attack exploits the lack of robust cryptographic protections or challenge-response protocols in the keyfob communication, enabling unauthorized users to gain access without needing any privileges or user interaction. The vulnerability is classified under CWE-294 (Improper Authentication), indicating that the system fails to properly verify the authenticity of the access request. The CVSS v3.1 base score of 9.8 reflects the critical nature of this flaw, with an attack vector over the network, low attack complexity, no privileges required, no user interaction, and full impact on confidentiality, integrity, and availability. Although no patches or updates have been released yet, the vulnerability is publicly disclosed and poses a significant risk to physical security systems relying on this keyfob technology. The absence of known exploits in the wild suggests that attackers have not yet widely leveraged this vulnerability, but the potential for misuse remains high given the ease of exploitation.

Potential Impact

The impact of CVE-2025-67135 is severe for organizations using the PGST PG107 Alarm System with the vulnerable PF-50 1.2 keyfob. Successful exploitation allows attackers to bypass physical access controls, potentially gaining unauthorized entry to secured premises. This can lead to theft, espionage, sabotage, or other malicious activities compromising organizational assets and personnel safety. The compromise of confidentiality arises from unauthorized access to sensitive areas or information. Integrity is affected as attackers could manipulate alarm system settings or disable alarms, undermining trust in security measures. Availability is also at risk if attackers disrupt alarm functionality or cause denial of service. The vulnerability's ease of exploitation without authentication or user interaction increases the likelihood of attacks, especially in environments with high-value targets or weak physical security. Organizations in sectors such as government, critical infrastructure, finance, and manufacturing are particularly vulnerable due to the strategic importance of their facilities and the reliance on alarm systems for protection.

Mitigation Recommendations

To mitigate CVE-2025-67135, organizations should immediately assess their use of the PGST PG107 Alarm System and identify any PF-50 1.2 keyfobs in operation. Since no official patches are available, consider the following specific actions:

1) Disable or replace vulnerable keyfobs with devices implementing strong cryptographic authentication and anti-replay mechanisms.
2) Implement multi-factor authentication for access control systems where possible, combining keyfobs with PIN codes or biometric verification.
3) Increase physical security measures such as surveillance cameras and security personnel to monitor access points.
4) Monitor alarm system logs and network traffic for unusual access patterns or repeated code transmissions indicative of replay attacks.
5) Engage with the vendor for updates or firmware patches addressing the vulnerability.
6) Conduct regular security audits and penetration testing focused on access control systems.
7) Educate security staff about the risks of replay attacks and appropriate incident response procedures.

These targeted measures go beyond generic advice by focusing on compensating controls and proactive detection in the absence of immediate vendor fixes.
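The anti-replay property named in item 1 and the rejected-replay signal named in item 4, as an added example (not vendor code and not the PF-50's actual protocol): a generic receiver that accepts a static code beside one that requires a fresh counter authenticated with an HMAC. The frame layout, key, command byte and window size are constructed assumptions.

```python
import hashlib
import hmac
import struct

WINDOW = 16  # assumed look-ahead for button presses the receiver never heard

class FixedCodeReceiver:
    """Accepts any frame equal to the enrolled code, so a recorded frame stays valid."""
    def __init__(self, code: bytes):
        self.code = code
    def accept(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, self.code)

def make_frame(key: bytes, counter: int, command: int) -> bytes:
    """Fob side: 4-byte counter, 1-byte command, 8-byte truncated HMAC over both."""
    body = struct.pack(">IB", counter, command)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:8]

class RollingCodeReceiver:
    """Accepts a frame only if its MAC verifies and its counter has moved forward."""
    def __init__(self, key: bytes):
        self.key, self.last_counter = key, 0
        self.rejected = []  # (counter, reason) records a monitoring job can alert on

    def _reject(self, counter, reason: str) -> bool:
        self.rejected.append((counter, reason))
        return False

    def accept(self, frame: bytes) -> bool:
        if len(frame) != 13:
            return self._reject(None, "malformed")
        body, tag = frame[:5], frame[5:]
        counter, _command = struct.unpack(">IB", body)
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return self._reject(counter, "bad-mac")
        if counter <= self.last_counter:
            return self._reject(counter, "replay")  # stale counter: frame seen before
        if counter > self.last_counter + WINDOW:
            return self._reject(counter, "out-of-window")
        self.last_counter = counter
        return True

def demo() -> dict:
    key = b"constructed-demo-key"                # constructed sample key
    fixed = FixedCodeReceiver(b"\xa5\x5a\x01")   # constructed static code
    rolling = RollingCodeReceiver(key)
    static_frame, fresh_frame = b"\xa5\x5a\x01", make_frame(key, 1, 0x02)
    return {"fixed": [fixed.accept(static_frame), fixed.accept(static_frame)],
            "rolling": [rolling.accept(fresh_frame), rolling.accept(fresh_frame)],
            "rejected": rolling.rejected}
```

The `rejected` list is the kind of record item 4 asks staff to watch: a valid MAC paired with a stale counter means a previously transmitted frame was presented again.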


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-12-08T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 698d0a3b4b57a58fa1d8b228

Added to database: 2/11/2026, 11:01:15 PM

Last enriched: 2/19/2026, 2:06:10 PM

Last updated: 3/29/2026, 7:17:20 AM
