CVE-2025-7213 is a medium-severity vulnerability affecting the FNKvision FNK-GU2 device, specifically versions 40.1.0 through 40.1.7. The vulnerability arises from improper access control in an on-chip debug and test interface accessible via the UART interface component. This flaw allows an attacker with physical access to the device to manipulate the on-chip debug and test interface, potentially gaining unauthorized control or insight into the device's internal operations. The attack complexity is high, and exploitation is considered difficult, requiring physical proximity and specialized knowledge or equipment. The vulnerability does not require authentication or user interaction but is limited by the need for physical access. The CVSS 4.0 base score is 5.4, reflecting a medium severity level, with attack vector being physical (AV:P), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), and high impact on confidentiality, integrity, and availability (C:H, I:H, A:H). No known exploits are currently observed in the wild, and no patches or mitigations have been publicly disclosed yet. This vulnerability could be exploited to bypass security controls, extract sensitive data, or disrupt device functionality by leveraging the debug interface, which is typically intended for development and testing purposes but should be protected in production environments.

For European organizations deploying FNKvision FNK-GU2 devices, this vulnerability poses a risk primarily in environments where physical access to devices cannot be strictly controlled, such as in field installations, public or semi-public areas, or shared facilities. Exploitation could lead to unauthorized disclosure of sensitive information, manipulation of device operations, or disruption of services relying on these devices. Critical infrastructure sectors, manufacturing, or industrial control systems using FNK-GU2 devices could face operational disruptions or data breaches. The medium severity and high complexity reduce the likelihood of widespread exploitation; however, targeted attacks by skilled adversaries with physical access remain a concern. Organizations with stringent physical security measures and device monitoring will be less impacted, but those lacking such controls may face increased risk.

To mitigate this vulnerability, European organizations should implement strict physical security controls to prevent unauthorized access to FNKvision FNK-GU2 devices, including locked enclosures, surveillance, and access logging. Network segmentation should isolate these devices from less trusted networks to limit remote attack vectors. Organizations should monitor device behavior for anomalies indicative of debug interface exploitation. Since no patches are currently available, contacting FNKvision for firmware updates or vendor guidance is recommended. Additionally, disabling or restricting access to debug and test interfaces in production environments, if configurable, can reduce exposure. Regular security audits and inventory management to identify and track affected devices will aid in risk assessment and response planning.