Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-26412

The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to execute system commands with root permission on the modem. An attacker needs either physical access or remote shell access to a device that interacts directly with the modem via AT commands.

Published

2025-06-11T09:15:22.067

Last Modified

2025-06-18T05:15:48.290

Status

Awaiting Analysis

Source

551230f0-3615-47bd-b7cc-93e92e730bbf

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-912

Affected Vendors & Products

References

https://r.sec-consult.com/simcom (551230f0-3615-47bd-b7cc-93e92e730bbf)
http://seclists.org/fulldisclosure/2025/Jun/17 (af854a3a-2127-422b-91ae-364da2661108)