CVE-2025-56800

low-risk

Published 2025-10-21

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable JavaScript property(a.settingsManager.lockScreenPassword), an attacker can patch the return value to bypass authentication. NOTE: this is disputed by the Supplier because the lock-screen bypass would only occur if the local user modified his own instance of the application.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.1/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Reolink

Affected Vendors

Reolink

References (2)

Exploit https://github.com/shinyColumn/CVE-2025-56800

Exploit https://shinycolumn.notion.site/reolink-auth-bypass

/ 100

low-risk

Severity 17/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal