CVE-2025-31949

Description

An authenticated attacker can obtain any plant name by knowing the plant ID.

PUBLISHED Reserved 2025-04-01 | Published 2025-04-15 | Updated 2025-04-15 | Assigner icscert

Problem types

CWE-639 Authorization Bypass Through User-Controlled Key

Product status

Credits

Forescout Technologies reported these vulnerabilities to CISA. finder

References

www.cisa.gov/news-events/ics-advisories/icsa-25-105-04

cve.org (CVE-2025-31949)

nvd.nist.gov (CVE-2025-31949)

Download JSON