← voltar
CVE-2025-1037

CVE-2025-1037

CVSS 7.5 HIGHEPSS 0.1%CWE-269
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.5EPSS 0.1%KEV nãoPoC Patch
Ciclo de vida
28 out 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context.
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Hitachi Energy · TropOS 4th Gen

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000214&LanguageCode=en&DocumentPartId=&Action=Launch