5.3
CVE-2025-27377
- EPSS 0.17%
- Veröffentlicht 22.01.2026 00:16:04
- Zuletzt bearbeitet 26.02.2026 21:49:17
- Quelle 4760f414-e1ae-4ff1-bdad-c7a9c3
- CVE-Watchlists
- Unerledigt
LoginMissing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks
Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle (MITM) attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensitive design data.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.07 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 4760f414-e1ae-4ff1-bdad-c7a9c3538b79 | 5.3 | 1.6 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.
https://www.altium.com/platform/security-compliance/security-advisories