CVE-2025-7024
Local privilege escalation in Windows Server OS through installed Tetra Connectivity Server (TCS)
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.6EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
03 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows Server OS allows Privilege Abuse.
An attacker may execute arbitrary code with SYSTEM privileges if a user is tricked or directed to place a crafted file into the vulnerable directory.
This issue affects TETRA connectivity Server: 7.0.
Vulnerability fix is available and delivered to impacted customers.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
Affected products
AIRBUS · TETRA Connectivity Server (TCS)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →