CVE-2025-24852

low-risk

Published 2025-03-31

Storing passwords in a recoverable format issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, an attacker who can access the microSD card used on the product may obtain the product login password.

Do I need to act?

0.13% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.6/10 Medium

PHYSICAL / LOW complexity

References (4)

https://jvn.jp/en/vu/JVNVU91154745/

https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04

https://www.inaba.co.jp/files/chocomini_vulnerability.pdf

https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line...

/ 100

low-risk

Severity 16/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal