Garmin Empirbus Wireless Display Unit Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Garmin Empirbus Wireless Display Unit Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-27851 — CVSS 9.3 (critical): The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows a cross-site origin WebSocket hijacking attack. Among other…
CVE-2025-27850 — CVSS 7.5 (high): The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows a symlink attack. If a malicious graphics package containing…
CVE-2025-27853 — CVSS 7.3 (high): The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows its authentication to be bypassed. The WDU web site only…
CVE-2025-27852 — CVSS 5.0 (medium): The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows a reflected cross site scripting (XSS) attack. This allows an…