{
  "id": "CVE-2025-53627",
  "summary": "Meshtastic firmware allows forged DMs with no PKC to show up as encrypted",
  "details": "Meshtastic is an open source mesh networking solution. The Meshtastic firmware (starting from version 2.5) introduces asymmetric encryption (PKI) for direct messages, but when the `pki_encrypted` flag is missing, the firmware silently falls back to legacy AES-256-CTR channel encryption. This was an intentional decision to maintain backwards compatibility. However, the end-user applications, like Web app, iOS/Android app, and applications built on top of Meshtastic using the SDK, did not have a way to differentiate between end-to-end encrypted DMs and the legacy DMs. This creates a downgrade attack path where adversaries who know a shared channel key can craft and inject spoofed direct messages that are displayed as if they were PKC encrypted. Users are not given any feedback of whether a direct message was decrypted with PKI or with legacy symmetric encryption, undermining the expected security guarantees of the PKI rollout.\nVersion 2.7.15 fixes this issue.",
  "aliases": ["GHSA-377p-prwp-4hwf"],
  "modified": "2026-04-12T17:41:42.972307Z",
  "published": "2025-12-29T16:18:29.680Z",
  "database_specific": {
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53627.json",
    "cwe_ids": ["CWE-1287"],
    "cna_assigner": "GitHub_M"
  },
  "references": [
    {"type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53627.json"},
    {"type": "ADVISORY", "url": "https://github.com/meshtastic/firmware/security/advisories/GHSA-377p-prwp-4hwf"},
    {"type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53627"}
  ],
  "affected": [
    {
      "ranges": [
        {
          "type": "GIT",
          "repo": "https://github.com/meshtastic/firmware",
          "events": [{"introduced": "0"}, {"fixed": "d18f3f7a658817b35a3ab746d8522c1136890785"}],
          "database_specific": {"versions": [{"introduced": "2.5"}, {"fixed": "2.7.15"}]}
        }
      ],
      "versions": [
        "0.0.3","0.1.10","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.2.3","0.4.1","0.4.2","0.4.3","0.6.0","0.6.1","0.6.2","0.6.3","0.6.4","0.6.7","0.6.8","0.7.10","0.7.11","0.7.4","0.7.5","0.7.6","0.7.6b","0.7.7","0.7.8","0.7.9","0.8.1-fixed","0.9.1","0.9.2","0.9.3","0.9.5","0.9.6","0.9.7","1.0.0","1.1.0","1.1.1","1.1.2","1.1.20","1.1.23","1.1.3","1.1.30","1.1.31","1.1.32","1.1.33","1.1.4","1.1.42","1.1.46","1.1.47","1.1.48","1.1.5","1.1.50","1.1.6","1.1.7","1.1.8","1.2.1","1.2.10","1.2.11","1.2.4","1.2.5","1.2.6","1.2.9",
        "v1.2.29.6c95659","v1.2.30.80e4bc6","v1.2.38.cf4e508","v1.2.39.06892c4","v1.2.41.32f3682","v1.2.44.f2c9c55","v1.2.47","v1.2.48.371335e","v1.2.49.5354c49","v1.2.50.41dcfdd","v1.2.51.f9ff06b","v1.2.52.b63802c","v1.2.53.19c1f9f","v1.2.54.288f2be","v1.2.55.9db7c62","v1.2.testing1",
        "v1.3.10.4df0e91","v1.3.10.cc2a84a","v1.3.11.0411401","v1.3.12.6306c53","v1.3.13.71a43a9","v1.3.15.432d067","v1.3.16.97899ae","v1.3.17.c9822de","v1.3.19.3c6a2f7","v1.3.20.9a5ff93","v1.3.21.cf00ac5","v1.3.22.c725a6b","v1.3.23.5462d84","v1.3.24.dff6915","v1.3.25.85f46d3","v1.3.26.0010231","v1.3.27.c88ba58","v1.3.28.41f9541","v1.3.29.7afc149","v1.3.3.2fe124e","v1.3.30.9fe2ddb","v1.3.31.0084643","v1.3.32.7e6c22f","v1.3.33.ab0095c","v1.3.34.401b5d9","v1.3.35.3251cd5","v1.3.36.64f852e","v1.3.36.7e03019","v1.3.36.dd720f2","v1.3.37.97712a9","v1.3.38.1253abd","v1.3.39.ddc3727","v1.3.4.2b20bf3","v1.3.40.e87ecc2","v1.3.41.80ddb81","v1.3.42.9bd9252","v1.3.43.aae9d2f","v1.3.44.4fa8d02","v1.3.46.d4ea956","v1.3.47.05147c0","v1.3.48.82bcd39","v1.3.5.e5b19fd","v1.3.6.f511bab","v1.3.7.bb22b6e","v1.3.8.90df7c2","v1.3.9.92185e7",
        "v2.0.0.18ab874","v2.0.1.ad05b91","v2.0.10.e09b12c","v2.0.11.8914d1a","v2.0.12.2400dd4","v2.0.13.7e27729","v2.0.14.2baaad8","v2.0.15.aafbde0","v2.0.16.2242b68","v2.0.17.5d1c06b","v2.0.18.1a7991c","v2.0.19.3209aea","v2.0.2.8146e84","v2.0.20.7100416","v2.0.21.83e6cea","v2.0.22.fbfd0f1","v2.0.23.7bb281d","v2.0.3.09fe616","v2.0.6.97fd5cf","v2.0.7.91ff7b9","v2.0.8.090e166","v2.0.9.6ea0963",
        "v2.1.0.331a1af","v2.1.1.dc2ca9c","v2.1.10.7ef12c7","v2.1.11.5ec624d","v2.1.12.7711b03","v2.1.13.7475c86","v2.1.14.99a31c1","v2.1.15.cd78723","v2.1.16.a2c5b92","v2.1.17.7ca2e81","v2.1.18.de53280","v2.1.19.eb7025f","v2.1.2.6d20215","v2.1.20.470363d","v2.1.21.97d7a89","v2.1.22.191a69d","v2.1.23.04bbdc6","v2.1.3.8c68d88","v2.1.4.958d2cf","v2.1.5.23272da","v2.1.6.5679a82","v2.1.7.242f880","v2.1.9.d43ddc9",
        "v2.2.0.9f6584b","v2.2.1.fb5f2e4","v2.2.10.7cebd79","v2.2.11.10265aa","v2.2.12.092e6f2","v2.2.13.f570204","v2.2.14.57542ce","v2.2.15.31c4693","v2.2.16.1c6acfd","v2.2.17.dbac2b1","v2.2.18.e9bde80","v2.2.19.8f6a283","v2.2.2.f35c7be","v2.2.20.af5ac32","v2.2.21.7f7c5cb","v2.2.22.404d0dd","v2.2.23.5672e68","v2.2.24.e6a2c06","v2.2.3.282cc0b","v2.2.4.3bcab0e","v2.2.5.8255128","v2.2.6.b53cb38","v2.2.7.e8970ad","v2.2.8.61f6fb2","v2.2.9.47301a5",
        "v2.3.0.5f47ca1","v2.3.1.4fa7f5a","v2.3.10.d19607b","v2.3.11.2740a56","v2.3.12.24458a7","v2.3.13.83f5ba0","v2.3.14.64531fa","v2.3.15.deb7c27","v2.3.2.63df972","v2.3.3.8187fa7","v2.3.4.ea61808","v2.3.5.2f9b68e","v2.3.6.7a3570a","v2.3.7.30fbcab","v2.3.8.d490a33","v2.3.9.f06c56a",
        "v2.4.0.46d7b82","v2.4.1.394e0e1","v2.4.2.5b45303","v2.4.3.efc27f2",
        "v2.5.0.33eb073","v2.5.0.9ac0e26","v2.5.0.9e55e6b","v2.5.0.ab7de7f","v2.5.0.d6dac17","v2.5.0.e470619","v2.5.10.0fc5c9b","v2.5.11.8e2a3e5","v2.5.12.aa184e6","v2.5.13.1a06f88","v2.5.13.295278b","v2.5.14.f2ee0df","v2.5.15.79da236","v2.5.16.f81d3b0","v2.5.17.b4b2fd6","v2.5.18.89ebafc","v2.5.19.d5cd6f8","v2.5.19.f9876cf","v2.5.2.771cb52","v2.5.20.4c97351","v2.5.21.447533a","v2.5.22.d1fa27d","v2.5.23.bf958ed","v2.5.3.a70d5ee","v2.5.4.8d288d5","v2.5.5.e182ae7","v2.5.6.d55c08d","v2.5.7.f77c87d","v2.5.8.6485f03","v2.5.9.936260f",
        "v2.6.0.f7afa9a","v2.6.1.7c3edde","v2.6.10.9ce4455","v2.6.11.60ec05e","v2.6.12.9861e82","v2.6.13.0561f2c","v2.6.2.31c0e8f","v2.6.3.640e731","v2.6.3.d28af68","v2.6.4.b89355f","v2.6.5.fc3d9f2","v2.6.6.54c1423","v2.6.7.2d6181f","v2.6.8.ef9d0d7","v2.6.9.f223b8a",
        "v2.7.0.195b7cc","v2.7.0.705515a","v2.7.1.f35ca81","v2.7.12.45f15b8","v2.7.13.597fa0b","v2.7.2.f6d3782","v2.7.3.cf574c7","v2.7.4.c1f4f79","v2.7.5.ddd1499"
      ],
      "database_specific": {
        "vanir_signatures": [
          {
            "source": "https://github.com/meshtastic/firmware/commit/d18f3f7a658817b35a3ab746d8522c1136890785",
            "signature_type": "Line",
            "deprecated": false,
            "id": "CVE-2025-53627-0a9e38db",
            "target": {"file": "src/platform/nrf52/main-nrf52.cpp"},
            "signature_version": "v1",
            "digest": {
              "threshold": 0.9,
              "line_hashes": ["244974135487406104536757880599777179385","16573642190003030343341205205732522021","291547561435929806146469486968999636026","276698711310302947336925963762221840480","164177178971494057806370228117100589444","155755477865891252494389155328333356972","128102664341683456659532839125274001446","309009486547279748857691693967836145098"]
            }
          },
          {
            "source": "https://github.com/meshtastic/firmware/commit/d18f3f7a658817b35a3ab746d8522c1136890785",
            "signature_type": "Line",
            "deprecated": false,
            "id": "CVE-2025-53627-49a701c0",
            "target": {"file": "src/power.h"},
            "signature_version": "v1",
            "digest": {"threshold": 0.9, "line_hashes": ["269871890982149161983400334738294748426"]}
          },
          {
            "source": "https://github.com/meshtastic/firmware/commit/d18f3f7a658817b35a3ab746d8522c1136890785",
            "signature_type": "Function",
            "deprecated": false,
            "id": "CVE-2025-53627-593af2c6",
            "target": {"function": "cpuDeepSleep", "file": "src/platform/nrf52/main-nrf52.cpp"},
            "signature_version": "v1",
            "digest": {"function_hash": "146632134818370094629248435117067292452", "length": 2758}
          },
          {
            "source": "https://github.com/meshtastic/firmware/commit/d18f3f7a658817b35a3ab746d8522c1136890785",
            "signature_type": "Line",
            "deprecated": false,
            "id": "CVE-2025-53627-73baeca9",
            "target": {"file": "src/Power.cpp"},
            "signature_version": "v1",
            "digest": {
              "threshold": 0.9,
              "line_hashes": ["243209889756938622254915687208403039529","273072613753598073368170073077509909094","143714367153691372663768807826916293436","48724121699150261087639861260321370997","224640523009678531945193925946837891089","243547986097771994639829840578601694223","98058157585123478074565918936167944738","13989455726426397035290595705997051354","12401851290150183365560591500449426009","307996330851299716114763298088139345897","60317621257674432074329261751858826402","336894856662961851900543474286216033638","315650285289501565701784315611156368711","171364256127998893207073120283313043336","314500771492049544102569564715279066314","266214296526746930593717680440362594666","269377640514847708723293262549639628261","57272087558504524141378201748556942022","106123734553324296190605564040355783289","22085148226424470532183694915430028705","176440833359375473629028854979592315400","195076295500881840395952621322473241467","98690612998579422020702330808410056981","268379138884745825427273133382000062512","35247470865163757263310970646294327638","240118316636559675786566651817999258081"]
            }
          },
          {
            "source": "https://github.com/meshtastic/firmware/commit/d18f3f7a658817b35a3ab746d8522c1136890785",
            "signature_type": "Function",
            "deprecated": false,
            "id": "CVE-2025-53627-87f469d7",
            "target": {"function": "Power::readPowerStatus", "file": "src/Power.cpp"},
            "signature_version": "v1",
            "digest": {"function_hash": "142276447114734159869605512449700239524", "length": 3458}
          },
          {
            "source": "https://github.com/meshtastic/firmware/commit/d18f3f7a658817b35a3ab746d8522c1136890785",
            "signature_type": "Function",
            "deprecated": false,
            "id": "CVE-2025-53627-c34f9a36",
            "target": {"function": "adcEnable", "file": "src/Power.cpp"},
            "signature_version": "v1",
            "digest": {"function_hash": "51978269007857202018929737994997016914", "length": 493}
          }
        ],
        "vanir_signatures_modified": "2026-04-12T17:41:42Z",
        "source": "https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53627.json"
      }
    }
  ],
  "schema_version": "1.7.5",
  "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]
}