CVE-2025-14988 | THREATINT

Description

A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.

PUBLISHED Reserved 2025-12-19 | Published 2026-01-27 | Updated 2026-01-27 | Assigner icscert

CRITICAL: 10.0CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status

unaffected

8.12.0

affected

Credits

Siemens reported this vulnerability to CISA. finder

References

www.cisa.gov/news-events/ics-advisories/icsa-26-027-01 government-resource

cve.org (CVE-2025-14988)

nvd.nist.gov (CVE-2025-14988)

Download JSON