CVE-2025-70994: n/a
Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal forgery after a local attacker intercepts any legitimate key fob transmission, allowing for complete unauthorized vehicle operation via a replay attack.
AI Analysis
Technical Summary
The vulnerability CVE-2025-70994 affects Yadea T5 Electric Bicycles (models from 2024 onward) due to their use of the EV1527 fixed-code RF protocol in the keyless entry system without rolling codes or cryptographic challenge-response mechanisms. This design flaw allows an attacker to capture a legitimate key fob signal and replay it to gain unauthorized vehicle operation. The CVSS 3.1 score is 7.3, reflecting high impact on integrity and availability with attack vector being adjacent network and requiring no privileges but user interaction. There is no vendor advisory or patch available at this time.
Potential Impact
An attacker who can intercept a legitimate key fob transmission can perform a replay attack to fully control the affected electric bicycle without authorization. This compromises the integrity and availability of the vehicle, potentially allowing theft or unauthorized use. Confidentiality is not impacted. There are no known exploits in the wild currently.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should be aware of the risk of replay attacks and consider physical security measures to prevent interception of key fob signals. No official mitigation or temporary fix has been published by the vendor.
CVE-2025-70994: n/a
Description
Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal forgery after a local attacker intercepts any legitimate key fob transmission, allowing for complete unauthorized vehicle operation via a replay attack.
CVSS v3.1
Score 7.3high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2025-70994 affects Yadea T5 Electric Bicycles (models from 2024 onward) due to their use of the EV1527 fixed-code RF protocol in the keyless entry system without rolling codes or cryptographic challenge-response mechanisms. This design flaw allows an attacker to capture a legitimate key fob signal and replay it to gain unauthorized vehicle operation. The CVSS 3.1 score is 7.3, reflecting high impact on integrity and availability with attack vector being adjacent network and requiring no privileges but user interaction. There is no vendor advisory or patch available at this time.
Potential Impact
An attacker who can intercept a legitimate key fob transmission can perform a replay attack to fully control the affected electric bicycle without authorization. This compromises the integrity and availability of the vehicle, potentially allowing theft or unauthorized use. Confidentiality is not impacted. There are no known exploits in the wild currently.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should be aware of the risk of replay attacks and consider physical security measures to prevent interception of key fob signals. No official mitigation or temporary fix has been published by the vendor.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-01-09T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69ea9e7887115cfb686fc3c4
Added to database: 4/23/2026, 10:34:32 PM
Last enriched: 4/23/2026, 11:21:18 PM
Last updated: 6/8/2026, 9:56:58 AM
Views: 55
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.