CVE-2025-25051 | THREATINT

Description

An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks.

PUBLISHED Reserved 2025-02-05 | Published 2026-01-22 | Updated 2026-01-23 | Assigner icscert

MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-256

Product status

Default status

unaffected

C0-0x

affected

C0-1x

affected

C2-x

affected

V3.90

unaffected

Credits

Dylan Chambers Bourgeois of Triskele Labs reported these vulnerabilities to CISA finder

References

www.cisa.gov/news-events/ics-advisories/icsa-26-022-02

github.com/...p/csaf_files/OT/white/2026/icsa-26-022-02.json

cve.org (CVE-2025-25051)

nvd.nist.gov (CVE-2025-25051)

Download JSON