Home / Vulnerability Intelligence / CVE-2025-67135

CVE-2025-67135 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: February 12, 2026

PGST PG107 Alarm System - Authentication Bypass

Published: February 11, 2026Updated: February 12, 2026Remote Exploitable

Overview

PGST PG107 Alarm System 1.25.05.hf contains a broken authentication caused by weak security in the PF-50 1.2 keyfob, letting attackers compromise access control via code replay attack, exploit requires capturing valid keyfob codes.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 4.1%(Probability of exploitation in next 30 days)

Impact

Attackers can bypass access control, gaining unauthorized entry to protected areas.

Mitigation

Update to the latest version with improved keyfob security.

References

https://neutsec.io/advisories/cve-2025-67135

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Feb 13, 2026

🔴 CVE-2025-67135 - Critical (9.8) Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67135/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2025-67135
Severity: Critical
CVSS Score: 9.8
Type: broken_authentication
Status: unconfirmed
EPSS: 4.1%
Social Posts: 1

CWE

CWE-294

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.1%Probability of exploitation in the next 30 days