← volver
CVE-2025-1037

CVE-2025-1037

CVSS 7.5 HIGHEPSS 0.1%CWE-269
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
28 oct 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context.
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Hitachi Energy · TropOS 4th Gen

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000214&LanguageCode=en&DocumentPartId=&Action=Launch