6.4
CVE-2025-48468
- EPSS 0.03%
- Veröffentlicht 24.06.2025 02:16:21
- Zuletzt bearbeitet 09.07.2025 15:20:29
- Quelle 5f57b9bf-260d-4433-bf07-b6a79e
- Teams Watchlist Login
- Unerledigt Login
Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Advantech ≫ Wise-4010lan Firmware Version2.02b00
Advantech ≫ Wise-4050lan Firmware Version2.02b00
Advantech ≫ Wise-4060lan Firmware Version2.02b00
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.058 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 5f57b9bf-260d-4433-bf07-b6a79e9bb7d4 | 6.4 | 0.5 | 5.9 |
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-1191 On-Chip Debug and Test Interface With Improper Access Control
The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.