Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-2875

CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources.

Published

2025-05-14T09:15:20.097

Last Modified

2025-05-16T14:43:56.797

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-610

Affected Vendors & Products

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-133-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-133-01.pdf ([email protected])