CVE-2025-3090 | THREATINT

Description

An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function.

PUBLISHED Reserved 2025-04-01 | Published 2025-06-24 | Updated 2025-06-24 | Assigner CERTVDE

HIGH: 8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Problem types

CWE-306 Missing Authentication for Critical Function

Product status

Default status

unaffected

Any version before 2.18.0

affected

Default status

unaffected

Any version before 2.18.0

affected

Default status

unaffected

Any version before 2.18.0

affected

Default status

unaffected

Any version before 2.18.0

affected

References

certvde.com/en/advisories/VDE-2025-034

certvde.com/en/advisories/VDE-2025-037

cve.org (CVE-2025-3090)

nvd.nist.gov (CVE-2025-3090)

Download JSON

help @ threatint.eu