CVE-2025-7020 BYD DiLink OS Incorrect encryption Implementation of system log dumps

An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS e.g. in the model ATTO3. An attacker with physical access to the vehicle can bypass the encryption of log dumps on the In-Vehicle Infotainment IVI unit's storage. This allows the...

BYD DiLink 安全漏洞

BYD DiLink is an intelligent Internet connection system from China's BYD BYD. A security vulnerability exists in BYD DiLink 3.0 OS, which stems from improper implementation of encryption for the system log dump function, which could lead to sensitive data leakage...

PT-2025-32437 · Byd · Byd Dilink 3.0 Os

Name of the Vulnerable Software and Affected Versions: BYD DiLink 3.0 OS affected versions not specified Description: An incorrect encryption implementation exists in the system log dump feature. An attacker with physical access to the vehicle can bypass the encryption of log dumps on the...