CVE-2025-47420

Summary

266 vulnerability in Crestron Automate VX allows Privilege Escalation.This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.

Affected Software

VendorProductVersion RangeStatus
CrestronAutomate VX5.6.8161.21536 <= 6.4.0.49affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

Workarounds

Limit all API usage to users with full permissions.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References