Home

Description

Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.

PUBLISHED Reserved 2025-09-04 | Published 2025-09-05 | Updated 2025-09-05 | Assigner arcinfo




HIGH: 7.6CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/AU:Y/R:U/RE:M/U:Green

Problem types

CWE-940 Improper Verification of Source of a Communication Channel

CWE-1288 Improper Validation of Consistency within Input

Product status

Default status
affected

16.0 (cpe) before 16.3.1
affected

15.0 (cpe) before 15.2.12
affected

12.0 (cpe) before 12.0.31
affected

Credits

Guillaume André (Synacktiv) finder

Pierre Gertner (Synacktiv) finder

References

www.pcvue.com/security/ vendor-advisory

cve.org (CVE-2025-9999)

nvd.nist.gov (CVE-2025-9999)

Download JSON