CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
CVE-2024-51564 (GCVE-0-2024-51564)
Vulnerability from cvelistv5 – Published: 2024-11-12 14:51 – Updated: 2025-11-03 20:45
VLAI
Title
bhyve(8) infinite loop in the hda audio driver
Summary
A guest can trigger an infinite loop in the hda audio driver.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://security.freebsd.org/advisories/FreeBSD-S… | vendor-advisory |
| https://security.netapp.com/advisory/ntap-2025020… |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| FreeBSD | FreeBSD |
Affected:
14.1-RELEASE , < p6
(release)
Affected: 13.4-RELEASE , < p2 (release) Affected: 13.3-RELEASE , < p8 (release) |
|
| freebsd | freebsd |
Affected:
13.3 , < 13.3_p8
(custom)
cpe:2.3:o:freebsd:freebsd:13.3:*:*:*:*:*:*:* |
|
| freebsd | freebsd |
Affected:
13.4 , < 13.4_p2
(custom)
cpe:2.3:o:freebsd:freebsd:13.4:*:*:*:*:*:*:* |
|
| freebsd | freebsd |
Affected:
14.1 , < 14.1_p6
(custom)
cpe:2.3:o:freebsd:freebsd:14.1:*:*:*:*:*:*:* |
Date Public
2024-10-29 21:32
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:freebsd:freebsd:13.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freebsd",
"vendor": "freebsd",
"versions": [
{
"lessThan": "13.3_p8",
"status": "affected",
"version": "13.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:freebsd:freebsd:13.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freebsd",
"vendor": "freebsd",
"versions": [
{
"lessThan": "13.4_p2",
"status": "affected",
"version": "13.4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:freebsd:freebsd:14.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freebsd",
"vendor": "freebsd",
"versions": [
{
"lessThan": "14.1_p6",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T17:13:07.789111Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:13:11.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:45:19.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250207-0008/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"bhyve"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p6",
"status": "affected",
"version": "14.1-RELEASE",
"versionType": "release"
},
{
"lessThan": "p2",
"status": "affected",
"version": "13.4-RELEASE",
"versionType": "release"
},
{
"lessThan": "p8",
"status": "affected",
"version": "13.3-RELEASE",
"versionType": "release"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Synacktiv"
},
{
"lang": "en",
"type": "sponsor",
"value": "The FreeBSD Foundation"
},
{
"lang": "en",
"type": "sponsor",
"value": "The Alpha-Omega Project"
}
],
"datePublic": "2024-10-29T21:32:53.000Z",
"descriptions": [
{
"lang": "en",
"value": "A guest can trigger an infinite loop in the hda audio driver."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:51:51.757Z",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc"
}
],
"title": "bhyve(8) infinite loop in the hda audio driver"
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2024-51564",
"datePublished": "2024-11-12T14:51:51.757Z",
"dateReserved": "2024-10-29T17:16:43.254Z",
"dateUpdated": "2025-11-03T20:45:19.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-51566 (GCVE-0-2024-51566)
Vulnerability from cvelistv5 – Published: 2024-11-12 14:58 – Updated: 2025-11-03 20:45
VLAI
Title
bhyve(8) NVMe driver to guest-induced infinite loops.
Summary
The NVMe driver queue processing is vulernable to guest-induced infinite loops.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://security.freebsd.org/advisories/FreeBSD-S… | vendor-advisory |
| https://security.netapp.com/advisory/ntap-2025020… |
Impacted products
Date Public
2024-10-29 21:32
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freebsd",
"vendor": "freebsd",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51566",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T20:21:19.395074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T20:22:34.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:45:22.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250207-0008/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"bhyve"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p6",
"status": "affected",
"version": "14.1-RELEASE",
"versionType": "release"
},
{
"lessThan": "p2",
"status": "affected",
"version": "13.4-RELEASE",
"versionType": "release"
},
{
"lessThan": "p8",
"status": "affected",
"version": "13.3-RELEASE",
"versionType": "release"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Synacktiv"
},
{
"lang": "en",
"type": "sponsor",
"value": "The FreeBSD Foundation"
},
{
"lang": "en",
"type": "sponsor",
"value": "The Alpha-Omega Project"
}
],
"datePublic": "2024-10-29T21:32:53.000Z",
"descriptions": [
{
"lang": "en",
"value": "The NVMe driver queue processing is vulernable to guest-induced infinite loops."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:58:04.254Z",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc"
}
],
"title": "bhyve(8) NVMe driver to guest-induced infinite loops."
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2024-51566",
"datePublished": "2024-11-12T14:58:04.254Z",
"dateReserved": "2024-10-29T17:16:43.254Z",
"dateUpdated": "2025-11-03T20:45:22.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20796 (GCVE-0-2025-20796)
Vulnerability from cvelistv5 – Published: 2026-01-06 01:46 – Updated: 2026-03-30 13:04
VLAI
Summary
In imgsys, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10314745; Issue ID: MSV-5553.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Specified Index, Position, or Offset
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MediaTek, Inc. | MediaTek chipset |
Affected:
MT6989
Affected: MT8796 Affected: MT8893 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-20796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T04:55:47.977874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:59.230Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MediaTek chipset",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "MT6989"
},
{
"status": "affected",
"version": "MT8796"
},
{
"status": "affected",
"version": "MT8893"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imgsys, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10314745; Issue ID: MSV-5553."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Specified Index, Position, or Offset",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T13:04:08.419Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2026"
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2025-20796",
"datePublished": "2026-01-06T01:46:40.242Z",
"dateReserved": "2024-11-01T01:21:50.403Z",
"dateUpdated": "2026-03-30T13:04:08.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2399 (GCVE-0-2025-2399)
Vulnerability from cvelistv5 – Published: 2026-03-10 04:40 – Updated: 2026-03-24 02:03
VLAI
Title
Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series
Summary
Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720VS, M730VS, and M750VS, M70V Series M70V, E70 Series E70, and Software Tools NC Trainer2 and NC Trainer2 plus allows a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition by sending specially crafted packets to TCP port 683.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU95523788/ | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
20 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2399",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T17:31:56.365207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T17:32:04.722Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M800V Series M800VW",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2051W000 versions BB and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M800V Series M800VS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2052W000 versions BB and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M80V Series M80V",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2053W000 versions BB and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M80V Series M80VW",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2054W000 versions BB and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M800 Series M800W",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2005W000 versions FM and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M800 Series M800S",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2006W000 versions FM and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M80 Series M80",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2007W000 versions FM and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M80 Series M80W",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2008W000 versions FM and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC E80 Series E80",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2009W000 versions FM and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC C80 Series C80",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-2036W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M700V Series M750VW",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1015W002 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M700V Series M720VW",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1015W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M700V Series M730VW",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1015W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M700V Series M720VS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1012W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M700V Series M730VS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1012W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M700V Series M750VS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1012W002 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC M70V Series M70V",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1018W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC E70 Series E70",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1022W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC Software Tools NC Trainer2",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1802W000 all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric CNC Software Tools NC Trainer2 plus",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "System Number BND-1803W000 all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720VS, M730VS, and M750VS, M70V Series M70V, E70 Series E70, and Software Tools NC Trainer2 and NC Trainer2 plus allows a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition by sending specially crafted packets to TCP port 683."
}
],
"value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and M800VS, M80V Series M80V and M80VW, M800 Series M800W and M800S, M80 Series M80 and M80W, E80 Series E80, C80 Series C80, M700V Series M750VW, M720VW, 730VW, M720VS, M730VS, and M750VS, M70V Series M70V, E70 Series E70, and Software Tools NC Trainer2 and NC Trainer2 plus allows a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition by sending specially crafted packets to TCP port 683."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service (DoS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T02:03:47.520Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2025-022_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU95523788/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-05"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-2399",
"datePublished": "2026-03-10T04:40:00.599Z",
"dateReserved": "2025-03-17T08:30:11.608Z",
"dateUpdated": "2026-03-24T02:03:47.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2633 (GCVE-0-2025-2633)
Vulnerability from cvelistv5 – Published: 2025-07-23 15:49 – Updated: 2025-07-23 17:23
VLAI
Title
Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts
Summary
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
1 reference
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T17:23:47.897012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T17:23:55.255Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "LabVIEW",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "22.3.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "23.3.6",
"status": "affected",
"version": "23.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "24.3.3",
"status": "affected",
"version": "24.0.0",
"versionType": "semver"
},
{
"lessThan": "25.3.0",
"status": "affected",
"version": "25.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl working with CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.\u003c/p\u003e"
}
],
"value": "Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T15:49:06.836Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-2633",
"datePublished": "2025-07-23T15:49:06.836Z",
"dateReserved": "2025-03-21T21:15:17.811Z",
"dateUpdated": "2025-07-23T17:23:55.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2634 (GCVE-0-2025-2634)
Vulnerability from cvelistv5 – Published: 2025-07-23 15:53 – Updated: 2025-07-23 20:10
VLAI
Title
Out of Bounds Read Vulnerability in NI LabVIEW when building font map
Summary
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
1 reference
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T20:09:47.785454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T20:10:00.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "LabVIEW",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "22.3.5",
"status": "affected",
"version": "0",
"versionType": "sem"
},
{
"lessThanOrEqual": "23.3.6",
"status": "affected",
"version": "23.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "24.3.3",
"status": "affected",
"version": "24.0.0",
"versionType": "semver"
},
{
"lessThan": "25.3.0",
"status": "affected",
"version": "25.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl working with CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.\u003c/p\u003e"
}
],
"value": "Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T15:53:25.130Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out of Bounds Read Vulnerability in NI LabVIEW when building font map",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2025-2634",
"datePublished": "2025-07-23T15:53:25.130Z",
"dateReserved": "2025-03-21T21:15:19.488Z",
"dateUpdated": "2025-07-23T20:10:00.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3357 (GCVE-0-2025-3357)
Vulnerability from cvelistv5 – Published: 2025-05-28 14:51 – Updated: 2026-02-26 18:27
VLAI
Title
IBM Tivoli Monitoring code execution
Summary
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7234923 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Tivoli Monitoring |
Affected:
6.3.0.7 , ≤ 6.3.0.7 SP15
(semver)
cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:* cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-29T03:55:50.764227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:50.921Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Tivoli Monitoring",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "6.3.0.7 SP15",
"status": "affected",
"version": "6.3.0.7",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aleksandr Tlyapov"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u0026nbsp;could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
}
],
"value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u00a0could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T14:56:28.301Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7234923"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Tivoli Monitoring code execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-3357",
"datePublished": "2025-05-28T14:51:29.649Z",
"dateReserved": "2025-04-06T21:14:20.726Z",
"dateUpdated": "2026-02-26T18:27:50.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3755 (GCVE-0-2025-3755)
Vulnerability from cvelistv5 – Published: 2025-05-29 04:47 – Updated: 2025-08-27 08:02
VLAI
Title
Information Disclosure and Denial-of-Service(DoS) Vulnerability in MELSEC iQ-F Series CPU module
Summary
Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/psirt/vulnerab… | vendor-advisory |
| https://jvn.jp/vu/JVNVU94070048/ | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
75 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-29T13:16:50.949939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T13:17:00.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery.\u003cbr\u003e"
}
],
"value": "Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. The product is needed to reset for recovery."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial-of-Service (DoS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T08:02:37.808Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-003_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU94070048/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-153-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure and Denial-of-Service(DoS) Vulnerability in MELSEC iQ-F Series CPU module",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-3755",
"datePublished": "2025-05-29T04:47:52.187Z",
"dateReserved": "2025-04-17T07:04:51.773Z",
"dateUpdated": "2025-08-27T08:02:37.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48502 (GCVE-0-2025-48502)
Vulnerability from cvelistv5 – Published: 2025-11-21 19:07 – Updated: 2025-11-24 21:02
VLAI
Summary
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
1 reference
Date Public
2025-11-24 21:02
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T19:19:08.282013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T19:19:29.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD \u03bcProf",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2025-11-24T21:02:15.564Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service. \u003cbr\u003e"
}
],
"value": "Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T21:02:33.311Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-48502",
"datePublished": "2025-11-21T19:07:34.889Z",
"dateReserved": "2025-05-22T16:34:02.895Z",
"dateUpdated": "2025-11-24T21:02:33.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48511 (GCVE-0-2025-48511)
Vulnerability from cvelistv5 – Published: 2025-11-24 21:00 – Updated: 2025-11-24 21:13
VLAI
Summary
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
1 reference
Date Public
2025-11-24 21:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T21:12:56.753582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T21:13:33.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD \u03bcProf",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported through AMD Bug Bounty Program"
}
],
"datePublic": "2025-11-24T21:00:11.556Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. \u003cbr\u003e"
}
],
"value": "Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T21:00:32.010Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-48511",
"datePublished": "2025-11-24T21:00:32.010Z",
"dateReserved": "2025-05-22T16:34:02.896Z",
"dateUpdated": "2025-11-24T21:13:33.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-5
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
No CAPEC attack patterns related to this CWE.