CVE-2025-14751

Summary

A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation.

Affected Software

VendorProductVersion RangeStatus
WeintekcMT3072XH20200630 < 20241112affected
WeintekcMT3072XH(T)20200630 < 20241112affected
WeintekcMT-SVRX-82020220413 < 20240919affected
WeintekcMT-CTRL0120230308 < 20250827affected

Weaknesses

  • CWE-620: CWE-620 Unverified Password Change

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References