Description

The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers demonstrated that, after cicumventing the device’s protective enclosure, it was possible to connect a USB keyboard and press ESC during boot to access the BIOS setup interface. BIOS settings could be viewed but not modified. This behavior slightly increases the attack surface by exposing internal system information (CWE-1244) once the enclosure is removed, but does not allow integrity or availability compromise under standard or tested configurations.

INFO

Published Date :

2025-12-12T14:58:22.970Z

Last Modified :

2025-12-13T08:16:14.495Z

Source :

DIVD
AFFECTED PRODUCTS

The following products are affected by CVE-2025-36755 vulnerability.

Vendors Products
Cleverdisplay
  • Blueone
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-36755.

URL Resource
https://csirt.divd.nl/CVE-2025-5743/ cve-icon cve-icon
https://csirt.divd.nl/DIVD-2025-00043 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability