CVE-2025-9228 | THREATINT

Description

MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users.

PUBLISHED Reserved 2025-08-20 | Published 2025-08-20 | Updated 2025-08-20 | Assigner TRO

MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Problem types

CWE-863: Incorrect Authorization

Product status

Default status

unaffected

Any version before 3.0.0

affected

Default status

unaffected

Any version before 3.0.0

affected

Credits

Lockheed Martin Red Team reporter

References

a.storyblok.com/f/230581/x/46f48d3787/msa-15.pdf vendor-advisory

supportportal.mobile-industrial-robots.com/...ecurity-guide/

cve.org (CVE-2025-9228)

nvd.nist.gov (CVE-2025-9228)

Download JSON

help @ threatint.eu