CVE-2025-9999 | THREATINT

Description

Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.

PUBLISHED Reserved 2025-09-04 | Published 2025-09-05 | Updated 2026-02-26 | Assigner arcinfo

HIGH: 7.6CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/AU:Y/R:U/RE:M/U:Green

Problem types

CWE-940 Improper Verification of Source of a Communication Channel

CWE-1288 Improper Validation of Consistency within Input

Product status

Default status

affected

16.0.0 (cpe)

affected

15.0.0 (cpe)

affected

12.0.0 (cpe)

affected

Credits

Guillaume André (Synacktiv) finder

Pierre Gertner (Synacktiv) finder

References

www.pcvue.com/security/ vendor-advisory

cve.org (CVE-2025-9999)

nvd.nist.gov (CVE-2025-9999)

Download JSON