CVE-2025-48468

EPSS 0.03%
Published 24.06.2025 02:16:21
Last modified 09.07.2025 15:20:29
Source 5f57b9bf-260d-4433-bf07-b6a79e
Teams watchlist Login
Open Login

Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Advantech ≫ Wise-4010lan Firmware Version2.02b00

Advantech ≫ Wise-4010lan Version-

Advantech ≫ Wise-4050lan Firmware Version2.02b00

Advantech ≫ Wise-4050lan Version-

Advantech ≫ Wise-4060lan Firmware Version2.02b00

Advantech ≫ Wise-4060lan Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.058

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
5f57b9bf-260d-4433-bf07-b6a79e9bb7d4	6.4	0.5	5.9	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1191 On-Chip Debug and Test Interface With Improper Access Control

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-48468

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-48468

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-48468

EUVD