CVE-2025-36755

CleverDisplay BlueOne unauthorized BIOS access through physical USB keyboard

CVSS 2.4 LOW | EPSS 0.1% | CWE-1191 | CWE-1244
In short

A CleverDisplay BlueOne media player can have its protective case removed to access a USB port, allowing someone to connect a keyboard and view (but not change) its BIOS settings during startup. This exposes some internal system information but doesn't let attackers break or disable the device.

Technical detail

After physical circumvention of the device enclosure, an attacker with direct hardware access can connect a USB keyboard and press ESC during boot to access the BIOS setup interface in read-only mode, exposing internal system configuration data (CWE-1244). No modification of BIOS settings or compromise of system integrity or availability is possible under normal operating conditions.

Summary generated and translated by AI from the official description.
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after circumventing the device’s protective enclosure, it was possible to connect a USB keyboard and press ESC during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/V:D/RE:L/U:Green
