CVE-2025-0675
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Multiple Elber products suffer from an unauthenticated device configuration and client-side hidden functionality disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Elber | Signum DVB-S/S2 IRD | 0 <= 1.999 | affected |
| Elber | Cleber/3 Broadcast Multi-Purpose Platform | 1.0 | affected |
| Elber | Reble610 M/ODU XPIC IP-ASI-SDH | 0.01 | affected |
| Elber | ESE DVB-S/S2 Satellite Receiver | 0 <= 1.5.179 | affected |
| Elber | Wayber Analog/Digital Audio STL | 4 | affected |
Weaknesses
- CWE-912: CWE-912
Workarounds
Elber does not plan to mitigate these vulnerabilities because this equipment is either end of life or almost end of life. Users of affected versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite Receiver, and Wayber Analog/Digital Audio STL are invited to contact Elber customer support https://elber.it/en/elber-contacts.php for additional information.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.