{"vulnerability": "cve-2025-27257", "sightings": [{"uuid": "62041b8f-cfe8-4617-b0ea-906803e27f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27257", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljzhryfo6b2h", "content": "", "creation_timestamp": "2025-03-10T11:40:23.956561Z"}, {"uuid": "d6246e1c-c829-4a7d-b3bb-2e2724965a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27257", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "f379f672-f36a-4c3f-bf34-91d0de20f9c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27257", "type": "seen", "source": "https://t.me/cvedetector/19948", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27257 - GE Vernova UR IED Firmware Signing Bypass Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-27257 \nPublished : March 10, 2025, 9:15 a.m. | 1\u00a0hour, 53\u00a0minutes ago \nDescription : Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user to install a modified firmware.  \nThe firmware signature verification is enforced only on the client-side dedicated software Enervista UR Setup, allowing the integration check to be bypassed. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T12:20:59.000000Z"}, {"uuid": "0dafe0bc-1b18-4153-a2ef-e86412290713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27257", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:32.000000Z"}, {"uuid": "5b05f202-026d-44d0-9dd3-9d66919f2e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27257", "type": "seen", "source": "Telegram/w8Mv8qXWnL2SDSsY9okaCQvydy0LDbAk8Rr2ILu5ezYpqPBk", "content": "", "creation_timestamp": "2025-03-10T14:45:04.000000Z"}, {"uuid": "bcc325a9-e3fc-4225-95da-bcc7fb764c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27257", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6983", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27257\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)\n\ud83d\udd39 Description: Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user to install a modified firmware.\nThe firmware signature verification is enforced only on the client-side dedicated software Enervista UR Setup, allowing the integration check to be bypassed.\n\ud83d\udccf Published: 2025-03-10T09:05:34.817Z\n\ud83d\udccf Modified: 2025-03-10T09:05:34.817Z\n\ud83d\udd17 References:\n1. https://www.gevernova.com/grid-solutions/app/DownloadFile.aspx?prod=urfamily&type=21&file=76", "creation_timestamp": "2025-03-10T09:41:26.000000Z"}]}