CVE-2025-47415

Summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CRESTRON TOUCHSCREENS x70 allows Relative Path Traversal.This issue affects TOUCHSCREENS x70: from 3.000.0110.001 before 3.001.0031.001.

Confirmed Affected Hardware: TSW-760, TSW-1060

Confirmed Affected Firmware: 3.002.1061 - (no fix released, product discontinued)

 

For x70  

The Affected Firmware:- 3.000.0110.001  and versions below

The Fixed Firmware:- 3.001.0031.001

Affected Software

VendorProductVersion RangeStatus
CRESTRONTOUCHSCREENS x60, x70 series3.000.0110.001 < 3.001.0031.001affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References