CVE-2025-65822
Dec. 10, 2025, 9:16 p.m.
None
No Score
Description
The ESP32 system on a chip (SoC) that powers the Meatmeet Pro was found to have JTAG enabled. By leaving JTAG enabled on an ESP32 in a commercial product an attacker with physical access to the device can connect over this port and reflash the device's firmware with malicious code which will be executed upon running. As a result, the victim will lose access to the functionality of their device and the attack may gain unauthorized access to the victim's Wi-Fi network by re-connecting to the SSID defined in the NVS partition of the device.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Esp32 |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | esp32 | meatmeet_pro | / | / | / | / | / | / | / | / |
Tags
Timeline
Published: Dec. 10, 2025, 9:16 p.m.
Last Modified: Dec. 10, 2025, 9:16 p.m.
Last Modified: Dec. 10, 2025, 9:16 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.