3.1

CVE-2025-48463

EPSS 0.01%
Published 24.06.2025 02:10:39
Last modified 09.07.2025 15:03:14
Source 5f57b9bf-260d-4433-bf07-b6a79e
Teams watchlist Login
Open Login

Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tampering.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Advantech ≫ Wise-4060lan Firmware Version-

Advantech ≫ Wise-4060lan Version-

Advantech ≫ Wise-4050lan Firmware Version-

Advantech ≫ Wise-4050lan Version-

Advantech ≫ Wise-4010lan Firmware Version-

Advantech ≫ Wise-4010lan Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.007

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
5f57b9bf-260d-4433-bf07-b6a79e9bb7d4	3.1	1.6	1.4	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-312 Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-48463

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-48463

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-48463

EUVD