CVE-2025-9038
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N
Summary
Improper Privilege Management vulnerability in GE Vernova S1 Agile Configuration Software on Windows allows Privilege Escalation.This issue affects S1 Agile Configuration Software: 3.1 and previous version.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| GE Vernova | S1 Agile Configuration Software | 3.1 and previous version | affected |
Weaknesses
- CWE-269: CWE-269 Improper Privilege Management
Workarounds
As a workaround, GE Vernova recommends having sufficient security controls in place on the workstation where S1 Agile software is installed. This will ensure the attacker’s remote connection to the computer is not feasible. Harden the computer on which S1 Agile is installed. The product deployment guide can be used to understand the guidelines around how the product can be deployed in the end user’s environment.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.