CVE-2025-3222 | THREATINT

Description

Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows Authentication Abuse.This issue affects Smallworld: 5.3.3 and prior versions for Linux, and 5.3.4. and prior versions for Windows.

PUBLISHED Reserved 2025-04-03 | Published 2025-11-07 | Updated 2025-11-07 | Assigner GE_Vernova

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-287 Improper Authentication

Product status

Default status

unaffected

5.3.3 (Linux)

affected

5.3.4 (Windows)

affected

Credits

Theo Gobinet finder

Azael Martin finder

References

www.gevernova.com/...visory_ImproperAuthentication_SWMFS.pdf

cve.org (CVE-2025-3222)

nvd.nist.gov (CVE-2025-3222)

Download JSON