CWE-250
AllowedExecution with Unnecessary Privileges
Abstraction: Base · Status: Draft
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
573 vulnerabilities reference this CWE, most recent first.
CVE-2025-5196 (GCVE-0-2025-5196)
Vulnerability from cvelistv5 – Published: 2025-05-26 13:31 – Updated: 2025-05-28 17:35- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://vuldb.com/?id.310279 | vdb-entry |
| https://vuldb.com/?ctiid.310279 | signaturepermissions-required |
| https://vuldb.com/?submit.584253 | third-party-advisory |
| https://github.com/Nouvexr/Wing-FTP-Server-7.4.4-… | exploit |
| https://www.wftpserver.com/serverhistory.htm | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| Wing | FTP Server |
Affected:
7.4.0
Affected: 7.4.1 Affected: 7.4.2 Affected: 7.4.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5196",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:18:05.028886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:35:14.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Nouvexr/Wing-FTP-Server-7.4.4-RCE-Authenticated/blob/main/poc.txt"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Lua Admin Console"
],
"product": "FTP Server",
"vendor": "Wing",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.4.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "nouvexr (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Wing FTP Server up to 7.4.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Lua Admin Console. The manipulation leads to execution with unnecessary privileges. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 7.4.4 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: \"[W]e do not consider it as a security vulnerability, because the system admin in WingFTP has full permissions [...], but you can suggest the user run WingFTP service as Normal User rather than SYSTEM/Root, it will be safer.\""
},
{
"lang": "de",
"value": "In Wing FTP Server bis 7.4.3 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Komponente Lua Admin Console. Mit der Manipulation mit unbekannten Daten kann eine execution with unnecessary privileges-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Ein Aktualisieren auf die Version 7.4.4 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-26T13:31:05.016Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310279 | Wing FTP Server Lua Admin Console unnecessary privileges",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.310279"
},
{
"name": "VDB-310279 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310279"
},
{
"name": "Submit #584253 | wftpserver Wing FTP Server 7.4.4 Remote Code Execution via Lua Admin Console",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584253"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Nouvexr/Wing-FTP-Server-7.4.4-RCE-Authenticated/blob/main/poc.txt"
},
{
"tags": [
"patch"
],
"url": "https://www.wftpserver.com/serverhistory.htm"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-26T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-26T10:25:25.000Z",
"value": "VulDB entry last update"
}
],
"title": "Wing FTP Server Lua Admin Console unnecessary privileges"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5196",
"datePublished": "2025-05-26T13:31:05.016Z",
"dateReserved": "2025-05-26T08:20:20.632Z",
"dateUpdated": "2025-05-28T17:35:14.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3925 (GCVE-0-2025-3925)
Vulnerability from cvelistv5 – Published: 2025-05-07 20:18 – Updated: 2025-05-08 14:04| Vendor | Product | Version | |
|---|---|---|---|
| BrightSign | BrightSign OS series 4 players |
Affected:
0 , < v8.5.53.1
(custom)
|
|
| BrightSign | BrightSign OS series 5 players |
Affected:
0 , < v9.0.166
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3925",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T14:04:41.859977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T14:04:48.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BrightSign OS series 4 players",
"vendor": "BrightSign",
"versions": [
{
"lessThan": "v8.5.53.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BrightSign OS series 5 players",
"vendor": "BrightSign",
"versions": [
{
"lessThan": "v9.0.166",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Merrill, a member of the Adversarial Modeling and Penetration Testing (AMPT) team at Sandia National Laboratories, reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or \nseries 5 prior to v9.0.166 contain an execution with unnecessary \nprivileges vulnerability, allowing for privilege escalation on the \ndevice once code execution has been obtained."
}
],
"value": "BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or \nseries 5 prior to v9.0.166 contain an execution with unnecessary \nprivileges vulnerability, allowing for privilege escalation on the \ndevice once code execution has been obtained."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:18:22.457Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-126-03"
},
{
"url": "https://www.brightsign.biz/resources/software-downloads/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\nBrightSign fixed \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cve.org/CVERecord?id=CVE-2025-3925\"\u003eCVE-2025-3925\u003c/a\u003e in v8.5.53.1 (for series 4 players) and v9.0.166 (for series 5 players). Both of these have been released and available on the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.brightsign.biz/resources/software-downloads/\"\u003eBrightSign download site.\u003c/a\u003e \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\nFor more information, please \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.brightsign.biz/contact-us/\"\u003econtact BrightSign via their website.\u003c/a\u003e\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "BrightSign fixed CVE-2025-3925 https://www.cve.org/CVERecord in v8.5.53.1 (for series 4 players) and v9.0.166 (for series 5 players). Both of these have been released and available on the BrightSign download site. https://www.brightsign.biz/resources/software-downloads/ \n\n\n\nFor more information, please contact BrightSign via their website. https://www.brightsign.biz/contact-us/"
}
],
"source": {
"advisory": "ICSA-25-126-03",
"discovery": "EXTERNAL"
},
"title": "BrightSign Players Execution with Unnecessary Privileges",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBrightSign recommends the following security practices:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChange default passwords when the device is initially set up.\u003c/li\u003e\n\u003cli\u003eDisable the local DWS as described in \"High Security settings\".\u003c/li\u003e\n\u003cli\u003eDisable the SSH/telnet server when not being used - it is not enabled by default.\u003c/li\u003e\n\u003cli\u003eDevices should be located where an attacker does not have physical access to the device.\u003c/li\u003e\n\u003cli\u003eSD and USB ports can be disabled if not needed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.brightsign.biz/contact-us/\"\u003econtact BrightSign via their website.\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "BrightSign recommends the following security practices:\n\n\n\n * Change default passwords when the device is initially set up.\n\n * Disable the local DWS as described in \"High Security settings\".\n\n * Disable the SSH/telnet server when not being used - it is not enabled by default.\n\n * Devices should be located where an attacker does not have physical access to the device.\n\n * SD and USB ports can be disabled if not needed.\n\n\n\n\nFor more information, please contact BrightSign via their website. https://www.brightsign.biz/contact-us/"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-3925",
"datePublished": "2025-05-07T20:18:22.457Z",
"dateReserved": "2025-04-24T17:54:29.059Z",
"dateUpdated": "2025-05-08T14:04:48.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3892 (GCVE-0-2025-3892)
Vulnerability from cvelistv5 – Published: 2025-08-12 05:14 – Updated: 2026-02-26 17:49- CWE-250 - Execution with Unnecessary Privileges
| Vendor | Product | Version | |
|---|---|---|---|
| Axis Communications AB | AXIS OS |
Affected:
12.0.0 , < 12.5.31
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3892",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-14T03:56:11.486812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:43.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "12.5.31",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "URCQ"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP\u0026nbsp;applications, and if an attacker convinces the victim to install a malicious ACAP application."
}
],
"value": "ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP\u00a0applications, and if an attacker convinces the victim to install a malicious ACAP application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T05:14:43.655Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/ae/19/16/cve-2025-3892pdf-en-US-492760.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-3892",
"datePublished": "2025-08-12T05:14:43.655Z",
"dateReserved": "2025-04-23T06:57:37.077Z",
"dateUpdated": "2026-02-26T17:49:43.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3364 (GCVE-0-2025-3364)
Vulnerability from cvelistv5 – Published: 2025-04-08 02:26 – Updated: 2025-04-08 14:18- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-10057-58c05-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-10058-fce0b-2.html | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| HGiga | PowerStation |
Affected:
0 , < x64.6.2.213
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3364",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T14:18:35.732555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:18:44.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerStation",
"vendor": "HGiga",
"versions": [
{
"lessThan": "x64.6.2.213",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-04-08T02:17:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system."
}
],
"value": "The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T06:08:38.691Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10057-58c05-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10058-fce0b-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware to version x64.6.2.213 or later, then reboot PowerStation."
}
],
"value": "Update firmware to version x64.6.2.213 or later, then reboot PowerStation."
}
],
"source": {
"advisory": "TVN-202504004",
"discovery": "EXTERNAL"
},
"title": "HGiga PowerStation - Chroot Escape",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-3364",
"datePublished": "2025-04-08T02:26:50.820Z",
"dateReserved": "2025-04-07T03:20:20.179Z",
"dateUpdated": "2025-04-08T14:18:44.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1977 (GCVE-0-2025-1977)
Vulnerability from cvelistv5 – Published: 2025-12-31 07:23 – Updated: 2025-12-31 16:08- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | NPort 6100-G2/6200-G2 Series |
Affected:
1.0.0
(custom)
Unaffected: 1.1.0 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-31T16:08:52.042249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T16:08:58.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NPort 6100-G2/6200-G2 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Paxon SP Lin"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ean authenticated user with read-only access to perform unauthorized configuration changes through the MCC (Moxa CLI Configuration) tool. The issue can be exploited remotely over the network with low-attack complexity and no user interaction but requires specific system conditions or configurations to be present. Successful exploitation may result in changes to device settings that were not intended to be permitted for the affected user role, potentially leading to a high impact on the confidentiality, integrity, and availability of the device. No impact on other systems has been identified.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC (Moxa CLI Configuration) tool. The issue can be exploited remotely over the network with low-attack complexity and no user interaction but requires specific system conditions or configurations to be present. Successful exploitation may result in changes to device settings that were not intended to be permitted for the affected user role, potentially leading to a high impact on the confidentiality, integrity, and availability of the device. No impact on other systems has been identified."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122: Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T07:23:28.569Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-251731-cve-2025-1977-cve-2025-2026-multiple-vulnerabilities-in-nport-6100-g2-6200-g2-series"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNPort 6100-G2/6200-G2 Series\u003c/span\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003eUpdate to firmware\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ev1.1.0 or later\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "NPort 6100-G2/6200-G2 Series\n * Update to firmware\u00a0v1.1.0 or later"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2025-1977",
"datePublished": "2025-12-31T07:23:28.569Z",
"dateReserved": "2025-03-05T01:48:49.764Z",
"dateUpdated": "2025-12-31T16:08:58.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1951 (GCVE-0-2025-1951)
Vulnerability from cvelistv5 – Published: 2025-04-22 14:48 – Updated: 2026-02-26 18:28- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7231389 | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Hardware Management Console - Power Systems |
Affected:
V10.2.1030.0
Affected: V10.3.1050.0 cpe:2.3:a:ibm:power_hardware_management_console:10.2.1030.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:power_hardware_management_console:10.3.1050.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1951",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T03:56:09.858574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:07.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:power_hardware_management_console:10.2.1030.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:power_hardware_management_console:10.3.1050.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Hardware Management Console - Power Systems",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "V10.2.1030.0"
},
{
"status": "affected",
"version": "V10.3.1050.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges."
}
],
"value": "IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-01T00:39:33.682Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7231389"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Hardware Management Console - Power Systems command execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1951",
"datePublished": "2025-04-22T14:48:08.892Z",
"dateReserved": "2025-03-04T14:10:12.553Z",
"dateUpdated": "2026-02-26T18:28:07.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1790 (GCVE-0-2025-1790)
Vulnerability from cvelistv5 – Published: 2026-02-13 16:45 – Updated: 2026-02-13 21:11- CWE-250 - Execution with Unnecessary Privileges
| Vendor | Product | Version | |
|---|---|---|---|
| Genetec Inc. | Genetec Sipelia |
Affected:
<2.14.271
(semver)
Unaffected: >=2.14.271 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-13T21:11:34.858558Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T21:11:48.160Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Genetec Sipelia",
"vendor": "Genetec Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c2.14.271",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "\u003e=2.14.271",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rutger Flohil"
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows user could exploit this vulnerability to gain elevated privileges on the affected system."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:H/IR:H/AR:H/MVC:H/MVI:H/MVA:H/MSI:H/MSA:H/S:P/AU:N/V:C",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T16:45:06.539Z",
"orgId": "f2b06212-cb4b-41a4-9501-fa2e367495b8",
"shortName": "Genetec"
},
"references": [
{
"url": "https://techdocs.genetec.com/r/en-US/Security-Updates-for-SipeliaTM-2.14/"
}
],
"solutions": [
{
"lang": "en",
"value": "Hotfix 2.14.271 must be installed on client and server machines to resolve this issue. This issue will also be fixed in all later versions."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f2b06212-cb4b-41a4-9501-fa2e367495b8",
"assignerShortName": "Genetec",
"cveId": "CVE-2025-1790",
"datePublished": "2026-02-13T16:45:06.539Z",
"dateReserved": "2025-02-28T17:07:17.135Z",
"dateUpdated": "2026-02-13T21:11:48.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1411 (GCVE-0-2025-1411)
Vulnerability from cvelistv5 – Published: 2025-06-15 12:34 – Updated: 2026-02-26 17:50- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7236658 | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Security Verify Directory |
Affected:
10.0.0.0 , ≤ 10.0.3.1
(semver)
cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_verify_directory:10.0.3:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T03:55:09.622247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:36.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_verify_directory:10.0.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Security Verify Directory",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "10.0.3.1",
"status": "affected",
"version": "10.0.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Security Verify Directory Container 10.0.0.0 through 10.0.3.1 could allow a local user to execute commands as root due to execution with unnecessary privileges."
}
],
"value": "IBM Security Verify Directory Container 10.0.0.0 through 10.0.3.1 could allow a local user to execute commands as root due to execution with unnecessary privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-24T11:52:49.684Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7236658"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM strongly recommends that customers update to the latest versions of software.\u003cbr\u003e\u003cbr\u003eIBM Security Verify Directory containers\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e10.0.0 - 10.0.3.1\u003c/span\u003e\n\n\u003cbr\u003everify-directory-server\u003cbr\u003everify-directory-proxy\u003cbr\u003everify-directory-webadmin\u003cbr\u003everify-directory-virtualdir\u003cbr\u003everify-directory-seed\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "IBM strongly recommends that customers update to the latest versions of software.\n\nIBM Security Verify Directory containers\u00a010.0.0 - 10.0.3.1\n\n\nverify-directory-server\nverify-directory-proxy\nverify-directory-webadmin\nverify-directory-virtualdir\nverify-directory-seed"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Security Verify Directory Container command execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1411",
"datePublished": "2025-06-15T12:34:16.870Z",
"dateReserved": "2025-02-18T03:35:28.224Z",
"dateUpdated": "2026-02-26T17:50:36.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1137 (GCVE-0-2025-1137)
Vulnerability from cvelistv5 – Published: 2025-05-10 01:56 – Updated: 2026-02-26 18:28- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7233085 | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Storage Scale |
Affected:
5.2.2.0
Affected: 5.2.2.1 cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.1.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T03:55:55.420944Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:40.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.1.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Storage Scale",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.2.2.0"
},
{
"status": "affected",
"version": "5.2.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization."
}
],
"value": "IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T15:33:16.069Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7233085"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Storage Scale 5.2.2.0-5.2.2.1, IBM strongly recommends addressing the vulnerability by upgrading to 5.2.3.0 or later:\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage\u0026amp;product=ibm/StorageSoftware/IBM+Storage+Scale\u0026amp;release=5.2.3\u0026amp;platform=All\u0026amp;function=all\"\u003ehttps://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage\u0026amp;produ...\u003c/a\u003e"
}
],
"value": "Storage Scale 5.2.2.0-5.2.2.1, IBM strongly recommends addressing the vulnerability by upgrading to 5.2.3.0 or later:\n\n https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage\u0026produ... https://www.ibm.com/support/fixcentral/swg/selectFixes"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Storage Scale command injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1137",
"datePublished": "2025-05-10T01:56:23.135Z",
"dateReserved": "2025-02-08T20:16:19.164Z",
"dateUpdated": "2026-02-26T18:28:40.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0921 (GCVE-0-2025-0921)
Vulnerability from cvelistv5 – Published: 2025-05-15 22:36 – Updated: 2026-04-13 23:06- CWE-250 - Execution with Unnecessary Privileges
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/psirt/vulnerab… | vendor-advisory |
| https://jvn.jp/vu/JVNVU93838985 | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0921",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T13:21:49.388730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T13:21:55.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MobileHMI",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Hyper Historian",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AnalytiX",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IoTWorX",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "version 10.95"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BizViz",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "version 11.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MobileHMI",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Hyper Historian",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AnalytiX",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IoTWorX",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "version 10.95"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BizViz",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "version 11.00"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Asher Davila from Palo Alto Networks"
},
{
"lang": "en",
"type": "finder",
"value": "Malav Vyas from Palo Alto Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC."
}
],
"value": "Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T23:06:00.161Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-002_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU93838985"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Tampering Vulnerability in Multiple Services of GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, IoTWorX, MC Works64, GENESIS, GENESIS32, and BizViz",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-0921",
"datePublished": "2025-05-15T22:36:37.902Z",
"dateReserved": "2025-01-31T01:50:57.976Z",
"dateUpdated": "2026-04-13T23:06:00.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
Mitigation MIT-18
Strategy: Separation of Privilege
Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.
Mitigation MIT-18
Strategy: Attack Surface Reduction
Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.
Mitigation
Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.
Mitigation MIT-19
When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.
Mitigation
If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.
Mitigation MIT-37
Strategy: Environment Hardening
Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.
CAPEC-104: Cross Zone Scripting
An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.
CAPEC-470: Expanding Control over the Operating System from the Database
An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.
CAPEC-69: Target Programs with Elevated Privileges
This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.