CVE-2025-8653 – Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability

August 6, 2025

CVE ID : CVE-2025-8653

Published : Aug. 6, 2025, 2:15 a.m. | 21 hours, 29 minutes ago

Description : Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the JKRadioService. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26312.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8654 – Kenwood DMX958XR Command Injection Remote Code Execution Vulnerability

Next Article CVE-2025-54622 – Cisco Devicemanager Authentication Bypass Vulnerability

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-8653 – Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-7436 – Campcodes Online Recruitment Management System SQL Injection Vulnerability

SAG-AFTRA video game actors approve new agreement — securing better pay, protections against AI, and more

CVE-2025-48133 – Uncanny Owl Uncanny Automator Missing Authorization Vulnerability

Linux CentOS Web Panel Vulnerability Let Attackers Execute Malicious Remote Code – PoC Released

Microsoft says get Windows 11, ditch Windows 10 to be on the “right side”

CVE-2025-53380 – Apache Struts Deserialization Vulnerability

Google May Lose Chrome, And OpenAI’s First in Line to Grab It

Microsoft yanks its Movies & TV store, ending a 19-year video experiment

CVE-2025-8653 – Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability

Related Posts