CVE-2025-35983 in Controller 7000informazioni

Riassunto

di MITRE • 10/07/2025

Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected.

This issue affects Controller 7000:

9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsabile

Gallagher

Prenotare

17/06/2025

Divulgazione

10/07/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00159

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!