CVE-2025-7884

Eluktronics Control Center REG File data authenticity

CVSS 4.8 MEDIUMEPSS 0.1%CWE-345

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.8EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

20 jul 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Produtos afetados

Eluktronics · Control Center

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://drive.proton.me/urls/5PQ1VRZ3CG#M2JyUWapaX85 https://vuldb.com/?ctiid.316999 https://vuldb.com/?id.316999 https://vuldb.com/?submit.611436