CVE-2025-27851

Published: May 13, 2026Modified: Jun 2, 2026

9.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.8

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate an exploit of this vulnerability, the victim must (1) be utilizing a web browser on a multihomed host that has local interfaces on the Garmin Marine Network as well as another network, and (2) access a malicious third party website created by the attacker.

Affected (2)

Products: Garmin: Empirbus Wireless Display Unit Firmware

1 product

Empirbus Wireless Display Unit Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Garmin Empirbus Wireless Display Unit Firmware	Version 1.4.6

Running on/with	Platform Versions
Garmin Empirbus Wireless Display Unit	Version v1

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Garmin Empirbus Wireless Display Unit Firmware	Version 5.00

Running on/with	Platform Versions
Garmin Empirbus Wireless Display Unit	Version v2

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (2)

https://garmin.com

Source: cve@mitre.org

Product

https://www8.garmin.com/support/ch.jsp?product=010-02642-00

Source: cve@mitre.org

Release Notes

Timeline

No history available yet.