Home

Description

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

PUBLISHED Reserved 2025-04-16 | Published 2025-06-06 | Updated 2025-06-06 | Assigner CERTVDE




CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-704 Incorrect Type Conversion or Cast

Product status

Default status
unaffected

0.0.0 (semver)
affected

Credits

Ajay Anto reporter

References

www.kunbus.com/en/productsecurity/Kunbus-2025-0000003 vendor-advisory

psirt.kunbus.com/...csaf/white/2025/kunbus-2025-0000003.json vendor-advisory

cve.org (CVE-2025-41646)

nvd.nist.gov (CVE-2025-41646)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.