Home

Description

EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution.

PUBLISHED Reserved 2025-01-22 | Published 2025-10-13 | Updated 2025-10-14 | Assigner ERIC




HIGH: 8.4CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unaffected

Any version before S24.Q2
affected

Default status
unaffected

Any version before 24.Q1.C5
affected

References

www.ericsson.com/en/about-us/security/psirt/cve-2025-0636

cve.org (CVE-2025-0636)

nvd.nist.gov (CVE-2025-0636)

Download JSON