CVE-2025-15235

Summary

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerability, allowing authenticated remote attackers to modify specific network packet parameters, enabling certain system functions to access other users' files.

Affected Software

VendorProductVersion RangeStatus
Quanta ComputerQOCA aim AI Medical Cloud Platform0 <= 2.7.5affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References