CVE-2025-25061

Summary

Unintended proxy or intermediary ('Confused Deputy') issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack.

Affected Software

VendorProductVersion RangeStatus
JTEKT ELECTRONICS CORPORATIONHMI ViewJet C-more seriesAll versionsaffected
JTEKT ELECTRONICS CORPORATIONHMI GC-A2 seriesAll versionsaffected

Weaknesses

  • CWE-441: Unintended proxy or intermediary ('Confused Deputy')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References