Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

CHOCO TEI WATCHER mini (IB-MCT001)

Source -

CNA

CNA CVEs -

7

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
7Vulnerabilities found
CVE-2025-66357
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.9||MEDIUM
EPSS-0.09% / 24.76%
||
7 Day CHG+0.02%
Published-16 Dec, 2025 | 04:48
Updated-23 Dec, 2025 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally.

Action-Not Available
Vendor-inabaInaba Denki Sangyo Co., Ltd.
Product-ib-mct001_firmwareib-mct001CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-59479
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-5.1||MEDIUM
EPSS-0.05% / 15.94%
||
7 Day CHG+0.01%
Published-16 Dec, 2025 | 04:48
Updated-23 Dec, 2025 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper restriction of rendered UI layers or frames. If a user clicks on content on a malicious web page while logged into the product, unintended operations may be performed on the product.

Action-Not Available
Vendor-inabaInaba Denki Sangyo Co., Ltd.
Product-ib-mct001_firmwareib-mct001CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2025-61976
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-8.7||HIGH
EPSS-0.29% / 52.24%
||
7 Day CHG+0.07%
Published-16 Dec, 2025 | 04:48
Updated-23 Dec, 2025 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive.

Action-Not Available
Vendor-inabaInaba Denki Sangyo Co., Ltd.
Product-ib-mct001_firmwareib-mct001CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-26689
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.77% / 73.48%
||
7 Day CHG~0.00%
Published-31 Mar, 2025 | 04:49
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If a remote attacker sends a specially crafted HTTP request to the product, the product data may be obtained or deleted, and/or the product settings may be altered.

Action-Not Available
Vendor-Inaba Denki Sangyo Co., Ltd.
Product-CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-425
Direct Request ('Forced Browsing')
CVE-2025-25211
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.72%
||
7 Day CHG~0.00%
Published-31 Mar, 2025 | 04:49
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a brute-force attack may allow an attacker unauthorized access and login.

Action-Not Available
Vendor-Inaba Denki Sangyo Co., Ltd.
Product-CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-521
Weak Password Requirements
CVE-2025-24852
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-31 Mar, 2025 | 04:49
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Storing passwords in a recoverable format issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, an attacker who can access the microSD card used on the product may obtain the product login password.

Action-Not Available
Vendor-Inaba Denki Sangyo Co., Ltd.
Product-CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-257
Storing Passwords in a Recoverable Format
CVE-2025-24517
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.49% / 65.53%
||
7 Day CHG~0.00%
Published-31 Mar, 2025 | 04:48
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication.

Action-Not Available
Vendor-Inaba Denki Sangyo Co., Ltd.
Product-CHOCO TEI WATCHER mini (IB-MCT001)
CWE ID-CWE-603
Use of Client-Side Authentication