CVE-2025-0680 — AI Deep Analysis Summary

🚨 **Essence**: OS Command Injection in New Rock Cloud Connected Devices. <br>💥 **Consequences**: Attackers can take **full control** of any cloud-connected device. Critical integrity and availability loss.

🛡️ **Root Cause**: **CWE-78** (OS Command Injection). <br>🔍 **Flaw**: Unsanitized input allows execution of arbitrary system commands on the target device.

🏢 **Affected Vendor**: New Rock Technologies (China Xunshi Communication). <br>📦 **Product**: **OM500 IP-PBX** and other New Rock Cloud Connected Devices.

👑 **Privileges**: Full device control. <br>📂 **Data**: High impact on Confidentiality, Integrity, and Availability (CVSS: H/H/H). Hackers can execute commands as the system user.

⚡ **Threshold**: **LOW**. <br>🔓 **Auth**: No privileges required (PR:N). <br>🌐 **Access**: Network accessible (AV:N). <br>👁️ **UI**: No user interaction needed (UI:N). Easy to exploit remotely.

📜 **Public Exp?**: **No**. <br>🚫 **PoC**: Empty in current data. <br>⚠️ **Status**: Wild exploitation risk exists due to low complexity, but no public code snippet yet.

🔍 **Self-Check**: Scan for **New Rock OM500 IP-PBX** devices. <br>📡 **Feature**: Look for cloud-connected endpoints. <br>🧪 **Test**: Attempt command injection via exposed web/API interfaces if accessible.

🛠️ **Official Fix**: **Unknown**. <br>📅 **Published**: 2025-01-30. <br>⏳ **Status**: Vendor patch not listed in provided data. Check vendor portal immediately.

🚧 **Workaround**: <br>1. **Isolate** devices from the internet. <br>2. **Restrict** network access to trusted IPs only. <br>3. Disable unnecessary cloud features if possible.

🔥 **Urgency**: **CRITICAL**. <br>📈 **Priority**: **P1**. <br>💡 **Reason**: Remote, unauthenticated, high impact. Immediate mitigation required to prevent total device compromise.