CVE-2025-10204 - Vulnerability Details - OpenCVE

A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. This page contains a hidden form for resetting the administrator password. The attacker can manipulate the page using developer tools to display and use the form. This form allows you to change the administrator password without verifying login status or user permissions.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Lg	Ac Smart

No data.

No data.

References

Link	Providers
https://lgsecurity.lge.com/bulletins

History

Mon, 15 Sep 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 15 Sep 2025 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lg Lg ac Smart
Vendors & Products		Lg Lg ac Smart

Sun, 14 Sep 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. This page contains a hidden form for resetting the administrator password. The attacker can manipulate the page using developer tools to display and use the form. This form allows you to change the administrator password without verifying login status or user permissions.
Title		Unauth Admin Reset Password on AC Smart II
Weaknesses		CWE-306
References		https://lgsecurity.lge.com/bulletins
Metrics		cvssV4_0 `{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: LGE

Published: 2025-09-14T12:43:30.393Z

Updated: 2025-09-15T15:58:31.372Z

Reserved: 2025-09-10T01:26:32.811Z

Link: CVE-2025-10204

Vulnrichment

Updated: 2025-09-15T15:58:26.399Z

NVD

Status : Awaiting Analysis

Published: 2025-09-14T13:15:32.067

Modified: 2025-09-15T15:21:42.937

Link: CVE-2025-10204

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-10204", "assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "state": "PUBLISHED", "assignerShortName": "LGE", "dateReserved": "2025-09-10T01:26:32.811Z", "datePublished": "2025-09-14T12:43:30.393Z", "dateUpdated": "2025-09-15T15:58:31.372Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "AC Smart II", "vendor": "LG Electronics", "versions": [{"status": "affected", "version": "2.1.9"}]}], "datePublic": "2025-09-12T01:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. </span><span style=\"background-color: rgb(255, 255, 255);\">This page contains a hidden form for resetting the administrator password. </span><span style=\"background-color: rgb(255, 255, 255);\">The attacker can manipulate the page using developer tools to display and use the form. </span><span style=\"background-color: rgb(255, 255, 255);\">This form allows you to change the administrator password without verifying login status or user permissions.</span>"}], "value": "A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization.\u00a0This page contains a hidden form for resetting the administrator password.\u00a0The attacker can manipulate the page using developer tools to display and use the form.\u00a0This form allows you to change the administrator password without verifying login status or user permissions."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "shortName": "LGE", "dateUpdated": "2025-09-14T12:43:30.393Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lgsecurity.lge.com/bulletins"}], "source": {"discovery": "UNKNOWN"}, "tags": ["unsupported-when-assigned"], "title": "Unauth Admin Reset Password on AC Smart II", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-15T15:58:22.452731Z", "id": "CVE-2025-10204", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-15T15:58:31.372Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-10204", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-15T15:58:22.452731Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-15T15:58:26.399Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "Unauth Admin Reset Password on AC Smart II", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "LG Electronics", "product": "AC Smart II", "versions": [{"status": "affected", "version": "2.1.9"}], "defaultStatus": "unaffected"}], "datePublic": "2025-09-12T01:00:00.000Z", "references": [{"url": "https://lgsecurity.lge.com/bulletins", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization.\u00a0This page contains a hidden form for resetting the administrator password.\u00a0The attacker can manipulate the page using developer tools to display and use the form.\u00a0This form allows you to change the administrator password without verifying login status or user permissions.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. </span><span style=\"background-color: rgb(255, 255, 255);\">This page contains a hidden form for resetting the administrator password. </span><span style=\"background-color: rgb(255, 255, 255);\">The attacker can manipulate the page using developer tools to display and use the form. </span><span style=\"background-color: rgb(255, 255, 255);\">This form allows you to change the administrator password without verifying login status or user permissions.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "shortName": "LGE", "dateUpdated": "2025-09-14T12:43:30.393Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10204", "state": "PUBLISHED", "dateUpdated": "2025-09-15T15:58:31.372Z", "dateReserved": "2025-09-10T01:26:32.811Z", "assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "datePublished": "2025-09-14T12:43:30.393Z", "assignerShortName": "LGE"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "product.security@lge.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization.\u00a0This page contains a hidden form for resetting the administrator password.\u00a0The attacker can manipulate the page using developer tools to display and use the form.\u00a0This form allows you to change the administrator password without verifying login status or user permissions."}], "id": "CVE-2025-10204", "lastModified": "2025-09-15T15:21:42.937", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "product.security@lge.com", "type": "Secondary"}]}, "published": "2025-09-14T13:15:32.067", "references": [{"source": "product.security@lge.com", "url": "https://lgsecurity.lge.com/bulletins"}], "sourceIdentifier": "product.security@lge.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "product.security@lge.com", "type": "Secondary"}]}