CVE-2025-9999
7.6
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/AU:Y/R:U/RE:M/U:Green
Summary
Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| arcinfo | PcVue | 16.0.0 <= 16.3.3 | affected |
| arcinfo | PcVue | 15.0.0 <= 15.2.12 | affected |
| arcinfo | PcVue | 12.0.0 <= 12.0.31 | affected |
Weaknesses
- CWE-940: CWE-940 Improper Verification of Source of a Communication Channel
- CWE-1288: CWE-1288 Improper Validation of Consistency within Input
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.